Alternatives and similar repositories for ClickonceHunter:

Users that are interested in ClickonceHunter are comparing it to the libraries listed below

• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆78Updated 2 years ago
• 0xe7 / RoastInTheMiddle
  ☆71Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated 2 years ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆67Updated 9 months ago
• morRubin / NegoExRelay
  ☆85Updated 2 years ago
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated 2 years ago
• xpn / CloudInject
  ☆107Updated 2 months ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 3 years ago
• leftp / DPAPISnoop
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆132Updated 5 months ago
• RedSiege / RandomScripts
  Scripts for public use that we've randomly written, or have updated from other people's work.
  ☆40Updated 7 months ago
• EspressoCake / Process_Protection_Level_BOF
  ☆56Updated 3 years ago
• antroguy / LocklessBof
  Lockless BOF
  ☆64Updated 2 weeks ago
• Dramelac / GoldenCopy
  Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.
  ☆84Updated 9 months ago
• 0xthirteen / AssemblyHunter
  Find .net assemblies locally
  ☆104Updated 2 years ago
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆90Updated 2 years ago
• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆126Updated 11 months ago
• SolomonSklash / RubeusToCcache
  A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket
  ☆54Updated 4 years ago
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆139Updated 4 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆79Updated 2 months ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆48Updated last year
• SaadAhla / PSpersist
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆85Updated last year
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆14Updated 2 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆73Updated 2 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆65Updated 7 months ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆91Updated last year
• Crypt0s / DelegationBOF
  ☆139Updated 2 years ago
• OtterHacker / ShareFouine
  ☆48Updated 3 months ago
• wotwot563 / aad_prt_bof
  ☆99Updated 10 months ago
• MrAle98 / Sliver-PortBender
  Sliver extension performing TCP redirection tasks without performing cross-process injection.
  ☆63Updated last month
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago