30 open-source projects similar to secureauthcorp/impacket, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Impacket alternative.
Impacket is a collection of Python classes designed for the construction, manipulation, and analysis of low-level network packets and services. It functions as a framework for building custom network tools, providing a programmatic interface to interact with communication protocols and service architectures. The library provides primitives for managing authentication, session state, and remote procedure calls within network environments. By offering a modular class hierarchy, it allows for the assembly of network packets and the implementation of specialized communication stacks. The project
Impacket is a Python network protocol library and low-level implementation foundation. It provides a collection of classes for implementing and manipulating network protocols such as SMB, TCP, and UDP. The project serves as a network authentication framework for verifying user identities using passwords, hashes, and security tickets. It also functions as a network packet manipulation toolkit and security research tool for analyzing protocol behaviors and identifying vulnerabilities. The library covers the creation, parsing, and modification of raw network data to analyze communication stacks
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
BloodHound is a graph-based security analysis tool designed to map trust relationships and attack vectors within Active Directory environments. It functions as an attack path mapper and risk assessment system that uses graph theory to identify hidden relationships and paths leading to high-privilege accounts. The tool specializes in network attack surface mapping and privilege escalation pathfinding. It quantifies security risks by measuring the reliability of attack paths to critical targets, allowing for the prioritization of vulnerability elimination. The system provides capabilities for
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
Mimikatz is a security research suite designed for auditing Windows authentication and managing system security configurations. It provides a comprehensive framework for extracting sensitive credentials, manipulating process privileges, and managing digital identity assets directly from system memory or offline memory dumps. The project distinguishes itself through advanced system-level exploitation techniques, including runtime process injection, API hooking, and the ability to bypass cryptographic export restrictions. It features a specialized toolkit for Kerberos protocol operations, allow
Scapy is a network packet manipulation tool and protocol analysis suite designed for crafting, sending, sniffing, and dissecting network traffic. It functions as a framework for building custom network tools that interact directly with low-level packet headers and payloads, enabling users to perform security research and network diagnostics. The system distinguishes itself through a layer-based construction model that allows users to define protocols as stacked objects, which automatically handle checksums and field offsets. It utilizes dynamic field reflection to map packet structures to bin
CppGuide is a curated collection of educational resources and practical guides focused on C++ server development, Linux kernel internals, concurrent programming, network protocols, and security exploitation. It provides structured learning paths for backend developers, covering everything from interview preparation to building high-performance network servers and understanding operating system fundamentals. The guide distinguishes itself by offering in-depth, hands-on tutorials that walk through real-world implementations, including building a Redis-like server from scratch, designing custom
tModLoader is a modding framework and toolset designed for expanding game content and extending core game logic. It provides a polymorphic content API that allows for the creation of new items, NPCs, projectiles, and world assets through object-oriented inheritance. The project is distinguished by its advanced code modification capabilities, utilizing intermediate language bytecode patching and reflection-based private access to alter internal game behavior. It features a hot-reloading assembly runtime that enables developers to recompile and apply source code changes in real-time without res
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior. It serves as a comprehensive collection of technical guides and tactics for executing red team operations. The repository provides detailed instructions for Active Directory exploitation, including Kerberos abuse and domain privilege escalation. It covers defense evasion through API unhooking and payload obfuscation, as well as Windows internals research involving the manipulation of kernel objects and system memory. The capability surface extends to network penetration testi
This project is a technical guide and reference for internal network penetration testing. It serves as a collection of procedures for exploiting and navigating private corporate networks during security assessments. The repository provides specialized manuals and cheat sheets focused on active directory attacks, lateral movement, and privilege escalation. It includes a post-exploitation playbook for maintaining system persistence and clearing forensic traces. The documentation covers a broad range of security capabilities, including initial access, network pivoting and tunneling, and interna
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
libzmq is a C++ based asynchronous messaging engine and networking core designed for routing non-blocking messages between distributed nodes. It functions as a distributed message queue that implements the ZMTP wire-format framing protocol to standardize how data moves across different network transport layers. The library provides a multi-transport abstraction that allows a single interface to route data across TCP, IPC, and in-process memory. It incorporates a cryptographic layer to encrypt and authenticate transmissions between nodes and employs topology-based messaging patterns, such as p
This project is an open source discovery resource that provides curated lists of reusable code and libraries to help developers find technical solutions for specific tasks. It utilizes a category-based indexing system to organize diverse software tools by their functional capabilities. The repository is structured as a collection of markdown-based documentation and static content, serving as a directory for manual discovery and reference. The directory covers a wide range of capability areas, including cross-platform application development, cybersecurity tool creation, network protocol impl
NetExec is a framework for concurrent credential spraying and remote command execution across network protocols. It provides input sanitization and command parsing to reduce injection risks, a plugin-based protocol abstraction that dispatches credentials and commands uniformly regardless of transport, and session and token lifecycle management for long-running multi-command operations. Results from concurrent executions are collected and normalized through a result aggregation pipeline. The framework includes a concurrent job scheduler that manages worker threads for parallel execution across
Rubeus is a comprehensive Kerberos attack toolkit for Active Directory environments, written in C#. It provides a full suite of operations for manipulating Kerberos tickets, exploiting delegation configurations, and performing credential attacks against Windows domains. The toolkit enables ticket extraction from logon sessions and memory, with real-time monitoring via Event Tracing for Windows. It supports forging golden and silver tickets with arbitrary privileges, as well as the creation of forged delegation contexts. Delegation attacks include abuse of constrained and unconstrained delegat
PowerShell MachineAccountQuota and DNS exploit tools
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Microsoft signed ActiveDirectory PowerShell module
Orpheus is a wrapper for a modified version of Impacket's GetUserSPNs.py and kerberosv5.py which alters the KDC Options (Ticket Options) and the Encryption Type for Kerberoasting.
Netty is an asynchronous network framework designed for building scalable protocol servers and clients. It utilizes an event-driven reactor pattern and a non-blocking input/output model to decouple connection handling from application logic, allowing for the development of responsive network services that manage high volumes of concurrent connections. The framework distinguishes itself through a modular pipeline-based processing chain that enables the implementation of custom binary or text-based protocols. It provides a pluggable transport abstraction that allows developers to switch between
Zapret is a deep packet inspection bypass tool and packet manipulation framework designed to circumvent network censorship. It operates as a transparent network proxy and TCP traffic obfuscator that modifies packets to deceive network inspection systems. The project distinguishes itself through advanced desynchronization strategies, including the modification of TLS client hello handshakes and the use of fake packet injection. It utilizes a combination of TCP stream segmentation, sequence overlapping, and TTL adjustment to hide prohibited requests from firewalls while ensuring the destination
libhv is a high-performance C/C++ network library and event-driven I/O framework used to build TCP, UDP, SSL, HTTP, WebSocket, and MQTT clients and servers. It provides a non-blocking event loop for managing network sockets, timers, and system signals across multiple threads. The project is distinguished by its integrated support for specialized network roles, including a full HTTP web server with RESTful routing and middleware, an MQTT messaging client for IoT communication, and the ability to implement SOCKS5 and HTTP proxies. It also features a reliable UDP implementation to ensure ordered
This project provides a comprehensive implementation of the AT Protocol, serving as a framework for building decentralized social networking applications. It enables the creation of distributed data repositories where users maintain cryptographic ownership of their identity and content, allowing for portable accounts that can be migrated between independent servers without central authority intervention. The platform distinguishes itself by decoupling content hosting from discovery through modular algorithmic curation. Users can select third-party services to filter and organize their feeds,
Bettercap is an extensible framework for network security testing that provides a unified interface for performing man-in-the-middle attacks, network reconnaissance, and traffic manipulation across WiFi, Bluetooth, and wired networks. It operates through a modular attack module system that loads and executes interchangeable offensive or diagnostic modules, supported by event-driven session management and multi-protocol network spoofing capabilities. The framework distinguishes itself by covering a broad range of network domains, including Bluetooth Low Energy scanning and enumeration, CAN-Bus
usbipd-win is a USB device sharing tool and network device driver that binds physical USB hardware to a network protocol. It serves as a management interface for sharing and attaching USB devices via network protocols, specifically providing a utility to map shared hardware directly into Windows Subsystem for Linux instances. The project implements USB over IP networking to share locally connected devices over a network for discovery by remote client machines. It enables virtual machine USB passthrough, allowing guest operating systems to interact with physical hardware directly. The softwar