30 open-source projects similar to dafthack/mailsniper, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best MailSniper alternative.
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
script to retrieve information via O365 and AzureAD with a valid cred
Windows-Exploit-Suggester is a security audit tool designed to scan Windows systems for outdated components and missing security patches. It functions as a vulnerability scanner that compares target patch levels against official vendor security bulletins to identify security gaps. The tool specializes in exploit mapping, linking identified missing updates to known public exploit code and available penetration testing modules. It automates the research process by cross-referencing missing patches with specific vulnerability identifiers to determine applicable attack vectors. The system includ
Rubeus is a comprehensive Kerberos attack toolkit for Active Directory environments, written in C#. It provides a full suite of operations for manipulating Kerberos tickets, exploiting delegation configurations, and performing credential attacks against Windows domains. The toolkit enables ticket extraction from logon sessions and memory, with real-time monitoring via Event Tracing for Windows. It supports forging golden and silver tickets with arbitrary privileges, as well as the creation of forged delegation contexts. Delegation attacks include abuse of constrained and unconstrained delegat
Automation for internal Windows Penetrationtest / AD-Security
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
PowerShell MachineAccountQuota and DNS exploit tools
This project is a curated collection of frameworks, libraries, and toolsets designed for social engineering and public data gathering. It aggregates specialized software and educational materials used to perform human-centric attacks during professional security engagements. The directory provides resources for gathering and visualizing open source intelligence to identify sensitive information leaks. It also includes a collection of methods and software for executing phishing campaigns to harvest credentials and session cookies. The repository further covers educational materials focused on
This project is a Windows security removal tool designed to permanently disable and delete antivirus services and security monitoring components from the operating system. It functions as a system performance optimizer and policy manager to remove security mitigations and clear policy files that restrict application execution. The tool includes a Windows ISO customizer that embeds configuration files and unattended installation scripts into bootable images. This allows security features to be bypassed and services to be disabled before the initial system boot. The software covers broad capab
This project is a proof of concept implementation for CVE-2026-31431, serving as a local privilege escalation tool for the Linux kernel. It functions as an exploit that allows a standard user account to obtain root permissions. The tool demonstrates a kernel page cache attack, where root access is achieved by writing shellcode into the cached pages of a privileged binary. This process manipulates how the Linux kernel handles page caches to execute code with elevated permissions. The repository covers areas of Linux security research, including kernel memory corruption analysis and local priv
Another Windows Local Privilege Escalation from Service Account to System
Windows Privilege Escalation from User to Domain Admin.
Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
Fake Windows logon screen to steal passwords
This project is a set of specialized utilities for Windows vulnerability assessment and patch management auditing. It functions as a vulnerability scanner and exploit suggester that analyzes installed updates to identify missing security patches and their corresponding known vulnerabilities. The system distinguishes itself by matching missing updates against a consolidated vulnerability database to recommend specific publicly available exploits. It maintains accuracy by synchronizing remote security bulletins into a local database and cross-referencing identified gaps against official update
BloodHound is a graph-based security analysis tool designed to map trust relationships and attack vectors within Active Directory environments. It functions as an attack path mapper and risk assessment system that uses graph theory to identify hidden relationships and paths leading to high-privilege accounts. The tool specializes in network attack surface mapping and privilege escalation pathfinding. It quantifies security risks by measuring the reliability of attack paths to critical targets, allowing for the prioritization of vulnerability elimination. The system provides capabilities for
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Search Exploitable Software on Linux