A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
☆47Feb 15, 2020Updated 6 years ago
Alternatives and similar repositories for AzureCLI-Extractor
Users that are interested in AzureCLI-Extractor are comparing it to the libraries listed below
Sorting:
- ☆155Dec 14, 2023Updated 2 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆45Aug 30, 2023Updated 2 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- ☆17Apr 20, 2022Updated 3 years ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆41Jan 14, 2026Updated last month
- Powershell script to exfiltrate large files quickly and securely☆125May 4, 2022Updated 3 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆96Jul 5, 2022Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- A C# penetration testing tool to discover low-haning web fruit via web requests.☆91May 26, 2022Updated 3 years ago
- HEVD Multi-Exploit by m_101☆23Jun 24, 2018Updated 7 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆149Feb 15, 2020Updated 6 years ago
- ☆34Jul 23, 2018Updated 7 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆86Mar 9, 2021Updated 4 years ago
- Remote Java classpath enumeration via deserialization☆22May 23, 2023Updated 2 years ago
- ☆127Jun 19, 2020Updated 5 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- ☆117Jun 17, 2025Updated 8 months ago
- ☆42Aug 10, 2019Updated 6 years ago
- ☆25Jul 5, 2018Updated 7 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆113Nov 20, 2019Updated 6 years ago
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆197Feb 1, 2021Updated 5 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- Certificate Export Utility☆26May 1, 2020Updated 5 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- ☆128May 22, 2023Updated 2 years ago
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆393Mar 25, 2021Updated 4 years ago
- ☆17Jan 12, 2026Updated last month
- Import custom queries into BloodHound CE from a legacy BloodHound JSON file.☆10Mar 22, 2024Updated last year
- A fork of https://github.com/SafeBreach-Labs/pinjectra with a practical implementation of Stack Bombing☆29Oct 22, 2020Updated 5 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Aug 6, 2019Updated 6 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- lateral movement techniques that can be used during red team exercises☆273Jan 13, 2020Updated 6 years ago