Alternatives and similar repositories for dumping_lsass

Users that are interested in dumping_lsass are comparing it to the libraries listed below

• SenSecurity / Founding
  Founding is a generator that will create a loader encrypted or obfuscated with different execution types
  ☆111Updated 5 months ago
• safedv / RustSoliloquy
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Updated 9 months ago
• Maldev-Academy / MaldevAcademyLdr.2
  RunPE implementation with multiple evasive techniques (2)
  ☆268Updated 4 months ago
• kfallahi / UnderlayCopy
  PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads
  ☆238Updated 3 months ago
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆152Updated last year
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆181Updated 8 months ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆212Updated last year
• rad9800 / byor
  ☆163Updated 7 months ago
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆167Updated last year
• NtDallas / Svartalfheim
  Stage 0
  ☆169Updated last year
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆129Updated 7 months ago
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆220Updated 9 months ago
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆205Updated last year
• LeighlinRamsay / GunnerC2
  ☆152Updated 4 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆165Updated 6 months ago
• synacktiv / GroupPolicyBackdoor
  Group Policy Objects manipulation and exploitation framework
  ☆288Updated last month
• HackerHermanos / C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
  C2 Infrastructure Automation
  ☆116Updated 7 months ago
• 3lp4tr0n / SessionHop
  Windows Session Hijacking via COM
  ☆335Updated last month
• wariv / DarkLnk
  Build sneaky & malicious LNK files.
  ☆158Updated 6 months ago
• ZERODETECTION / MSC_Dropper
  ☆244Updated last year
• cybersectroll / TrollAMSI
  ☆186Updated 7 months ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆98Updated 4 months ago
• TheManticoreProject / Delegations
  A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …
  ☆213Updated 3 weeks ago
• 1r0BIT / TaskHound
  Tool to enumerate privileged Scheduled Tasks on Remote Systems
  ☆275Updated 3 weeks ago
• m4lwhere / profilehound
  ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …
  ☆147Updated last month
• dis0rder0x00 / obex
  Obex – Blocking unwanted DLLs in user mode
  ☆280Updated 4 months ago
• CICADA8-Research / Penetration
  Our Tips&Tricks
  ☆128Updated 11 months ago
• dis0rder0x00 / DbgNexum
  Shellcode injection using the Windows Debugging API
  ☆164Updated last month
• xforcered / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Updated 7 months ago
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆281Updated 9 months ago