Alternatives and similar repositories for rcat:

Users that are interested in rcat are comparing it to the libraries listed below

• xct / winssh
  ☆55Updated last year
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆82Updated last year
• zimedev / certipy-merged
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆102Updated this week
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆87Updated 3 years ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆103Updated 9 months ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆44Updated 2 years ago
• Sh4N4C1 / sh4loader
  ☆29Updated 4 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated last year
• szymex73 / bloodhound-convert
  Python based Bloodhound data converter from the legacy pre 4.1 format to 4.1+ format
  ☆54Updated 2 years ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆161Updated 7 months ago
• powerseb / PowerExtract
  ☆113Updated last year
• zblurx / impersonate-rs
  Rusty Impersonate
  ☆94Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆84Updated 8 months ago
• two06 / CerealKiller
  .NET deserialization hunter
  ☆76Updated 6 months ago
• m8sec / CVE-2021-34527
  PrintNightmare (CVE-2021-34527) PoC Exploit
  ☆107Updated 2 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• synacktiv / CVE-2024-43468
  ☆74Updated 2 weeks ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆98Updated last year
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆131Updated 5 months ago
• g0h4n / RustHound-CE
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆143Updated 2 weeks ago
• rootshooter / shellcoder
  Shellcode generation and encoding utility
  ☆21Updated 2 years ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆63Updated 6 months ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆80Updated 2 years ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆108Updated 8 months ago
• 0xdea / blindsight
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆122Updated 3 weeks ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆114Updated 3 months ago
• ShutdownRepo / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆67Updated 5 months ago
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆18Updated 2 years ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆133Updated 6 months ago
• jazzpizazz / BloodHound.py-Kerberos
  A Python based ingestor for BloodHound
  ☆83Updated 2 years ago