CLI monitor for windows process- & file activity
☆97Nov 20, 2020Updated 5 years ago
Alternatives and similar repositories for winpspy
Users that are interested in winpspy are comparing it to the libraries listed below
Sorting:
- generate payloads that force authentication against an attacker machine☆120Nov 6, 2022Updated 3 years ago
- A small reverse shell for Linux & Windows☆623Jun 5, 2024Updated last year
- rcat☆75Mar 7, 2022Updated 3 years ago
- SeManageVolumePrivilege to SYSTEM☆146Nov 22, 2023Updated 2 years ago
- vulnerable windows binaries for exploitation practice☆49Jun 6, 2022Updated 3 years ago
- SeRestorePrivilege to SYSTEM☆133Oct 8, 2021Updated 4 years ago
- SATO is a PowerShell tool focuses on providing flexible, multi-grant type support for obtaining, managing, and analyzing Azure tokens.☆22Nov 24, 2025Updated 3 months ago
- ☆65Jan 2, 2024Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- ☆63Jul 9, 2023Updated 2 years ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆155Nov 2, 2025Updated 3 months ago
- Simple C# implementation of PowerUpSQL☆95Jul 8, 2024Updated last year
- Attack chain emulator. Write recipes for initial access easily☆23Feb 26, 2025Updated last year
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 2 years ago
- a minimalistic winrm client written in python☆25May 15, 2025Updated 9 months ago
- I have created these custom servers for preparing EXP-301 course (aka WUMED) exam and hope it will help to take OSED certification. Feel …☆52Nov 15, 2023Updated 2 years ago
- Python version of the C# tool for "Shadow Credentials" attacks☆858Feb 14, 2026Updated 2 weeks ago
- ☆14Sep 26, 2023Updated 2 years ago
- PowerShell Constrained Language Mode Bypass☆293Jan 31, 2021Updated 5 years ago
- Get SYSTEM via SeDebugPrivilege☆24Jun 6, 2022Updated 3 years ago
- Microsoft365 Device Code Phishing Framework☆39Sep 4, 2021Updated 4 years ago
- Runs sshd as a unprivileged user for persistence☆11Jun 23, 2019Updated 6 years ago
- ☆181May 29, 2023Updated 2 years ago
- ☆23Nov 13, 2021Updated 4 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆46Jul 16, 2023Updated 2 years ago
- Simple AV Evasion for PE Files☆41Nov 21, 2021Updated 4 years ago
- ☆167Feb 18, 2026Updated last week
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- Powershell version of SharpGPOAbuse☆90May 21, 2021Updated 4 years ago
- Powerview on steroids☆875Updated this week
- ☆477Nov 20, 2022Updated 3 years ago
- Lists who can read any gMSA password blobs and parses them if the current user has access.☆354Feb 12, 2024Updated 2 years ago
- Python based Bloodhound data converter from the legacy pre 4.1 format to 4.1+ format☆65Jun 30, 2022Updated 3 years ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆45Nov 29, 2024Updated last year
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆779Oct 16, 2025Updated 4 months ago
- ☆64May 31, 2024Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆387Feb 23, 2024Updated 2 years ago