Alternatives and similar repositories for AtlasReaper:

Users that are interested in AtlasReaper are comparing it to the libraries listed below

• synacktiv / GPOddity
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆272Updated 3 months ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆168Updated 2 years ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆163Updated 5 months ago
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆252Updated last year
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆187Updated last month
• slemire / WSPCoerce
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆229Updated last year
• xpn / sccmwtf
  ☆144Updated last week
• xpn / OktaPostExToolkit
  ☆177Updated 2 months ago
• powerseb / PowerExtract
  ☆113Updated last year
• garrettfoster13 / aced
  ☆157Updated 3 months ago
• zblurx / acltoolkit
  ACL abuse swiss-knife
  ☆119Updated 2 years ago
• synacktiv / SCCMSecrets
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆193Updated last month
• CCob / DRSAT
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆225Updated last month
• fortalice / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆319Updated 11 months ago
• tothi / serviceDetector
  Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…
  ☆231Updated last year
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆203Updated last year
• 1njected / CMLoot
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
  ☆166Updated 2 years ago
• trustedsec / specula
  ☆187Updated 4 months ago
• nettitude / Aladdin
  ☆219Updated last year
• akamai / DDSpoof
  DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.
  ☆118Updated 10 months ago
• ad0nis / ntlm_relay_gat
  ☆147Updated 11 months ago
• nheiniger / SnaffPoint
  A tool for pointesters to find candies in SharePoint
  ☆242Updated 2 years ago
• trustedsec / orpheus
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆377Updated last year
• g0h4n / RustHound-CE
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆154Updated this week
• Luct0r / KerberOPSEC
  OPSEC safe Kerberoasting in C#
  ☆189Updated 2 years ago
• ZephrFish / Bloodhound-CustomQueries
  Custom Queries - Brought Up to BH4.1 syntax
  ☆241Updated 3 months ago
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆186Updated 4 months ago
• mandiant / ccmpwn
  ☆190Updated 10 months ago
• ThePorgs / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆272Updated last month
• 0xBallpoint / LOAD
  Lord Of Active Directory - automatic vulnerable active directory on AWS
  ☆140Updated last year