Alternatives and similar repositories for rcat

Users that are interested in rcat are comparing it to the libraries listed below

• xct / winssh
  ☆61Updated 2 years ago
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆137Updated last year
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆145Updated 6 months ago
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆124Updated 4 years ago
• amauricio / junkshell
  ☆71Updated 6 months ago
• synacktiv / Prox-Ez
  ☆97Updated 8 months ago
• dadevel / mssql-spider
  Automated exploitation of MSSQL servers at scale
  ☆120Updated this week
• zblurx / impersonate-rs
  Rusty Impersonate
  ☆100Updated 2 years ago
• m8sec / CVE-2021-34527
  PrintNightmare (CVE-2021-34527) PoC Exploit
  ☆116Updated 2 years ago
• synacktiv / CVE-2024-43468
  ☆92Updated 8 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆165Updated last year
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆52Updated 3 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆106Updated 2 years ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆173Updated 6 months ago
• m3f157O / combine_harvester
  Rust in-memory dumper
  ☆108Updated 2 years ago
• powerseb / PowerExtract
  ☆119Updated 6 months ago
• jazzpizazz / BloodHound.py-Kerberos
  A Python based ingestor for BloodHound
  ☆85Updated 3 years ago
• t1Sh1n4 / Umbrella
  Umbrella will protect your shellcode from the rain.
  ☆30Updated 4 months ago
• OleFredrik1 / remoteKrbRelayx
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆137Updated 2 months ago
• Karmaz95 / evasion
  AV Evasion Techniques
  ☆79Updated 3 years ago
• MzHmO / TGSThief
  My implementation of the GIUDA project in C++
  ☆187Updated 2 years ago
• p0dalirius / MSSQL-Analysis-Coerce
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆131Updated 2 years ago
• ommadawn46 / win-x86-shellcoder
  A tool for developing bad character-free shellcode to bypass DEP with WriteProcessMemory (32-bit only)
  ☆67Updated 3 years ago
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆145Updated last year
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆21Updated 3 years ago
• p0dalirius / MSRPRN-Coerce
  A python script to force authentication using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 65).
  ☆27Updated 8 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆146Updated last year
• lefayjey / SharpSQLPwn
  C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments
  ☆111Updated 3 years ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆86Updated 3 years ago
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆120Updated last year