Alternatives and similar repositories for rcat:

Users that are interested in rcat are comparing it to the libraries listed below

• xct / winssh
  ☆58Updated last year
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆94Updated last year
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆95Updated 3 years ago
• szymex73 / bloodhound-convert
  Python based Bloodhound data converter from the legacy pre 4.1 format to 4.1+ format
  ☆56Updated 2 years ago
• buyne / OSEP-1
  ☆31Updated 3 years ago
• synacktiv / CVE-2024-43468
  ☆83Updated 2 months ago
• amauricio / junkshell
  ☆65Updated 2 weeks ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆111Updated this week
• Sh4N4C1 / sh4loader
  ☆29Updated 7 months ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆48Updated 2 years ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆80Updated 3 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• MinoTauro2020 / CRTL-TIPS
  ☆14Updated 3 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆162Updated 9 months ago
• ShutdownRepo / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆69Updated 7 months ago
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆20Updated 2 years ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆118Updated 6 months ago
• CodeXTF2 / WebcamBOF
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆133Updated last week
• jazzpizazz / BloodHound.py-Kerberos
  A Python based ingestor for BloodHound
  ☆83Updated 2 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆100Updated last year
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆135Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆137Updated 8 months ago
• zimedev / certipy-merged
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆124Updated 2 months ago
• susMdT / SharpAgent
  C# havoc implant
  ☆100Updated 2 years ago
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆171Updated last month
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆118Updated 9 months ago
• Karmaz95 / evasion
  AV EVASION TECHNIQUES
  ☆77Updated 2 years ago
• gh0x0st / OSEP-Breaking-Chains
  A collection of code snippets built to assist with breaking chains.
  ☆118Updated 11 months ago
• csandker / pxethiefy
  ☆51Updated 2 months ago
• chebuya / Havoc-C2-SSRF-poc
  CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit
  ☆73Updated 6 months ago