A curated collection of Windows privilege escalation exploits from the Potato family, grown and organized for red teamers, researchers, and offensive security professionals.
☆25Aug 6, 2025Updated 11 months ago
Alternatives and similar repositories for The-Potato-Garden
Users that are interested in The-Potato-Garden are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll☆41Mar 11, 2026Updated 4 months ago
- Agent for AdaptixC2 with focus in evasion, capability and malleable.☆223Apr 26, 2026Updated 2 months ago
- Origami Crypter with an updated version of the stub that bypasses windows defender.☆13Mar 13, 2025Updated last year
- a minimalistic winrm client written in python☆47Apr 17, 2026Updated 2 months ago
- An Android application, designed as a reference point, that implements an array of tamper and root detection methods - inspired by Google…☆15Jul 21, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆49Feb 19, 2026Updated 4 months ago
- PowerShell InMemory Execution explained, with samples.☆15Apr 16, 2026Updated 3 months ago
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆79Feb 5, 2026Updated 5 months ago
- Dump TGTs remotely and convert Windows' klist binary output to ccache.☆81Jun 30, 2026Updated 2 weeks ago
- Spartan is a powerful and versatile network scanning tool designed to help system administrators and security professionals identify vuln…☆17Feb 11, 2025Updated last year
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 7 months ago
- WebClientRelayUp - an universal no-fix local privilege escalation in domain-joined windows workstations in default configuration.☆86Apr 28, 2026Updated 2 months ago
- A C# utility for interacting with SCOM☆100Dec 2, 2025Updated 7 months ago
- Windows Post-Exploitation tools wrapper☆12Jun 24, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated last month
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- .Net Assembly loader for the GMSAPasswordReader☆21Feb 15, 2023Updated 3 years ago
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆154Jun 5, 2026Updated last month
- Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.☆24Dec 30, 2023Updated 2 years ago
- Excel Add In Payload Generator☆15Oct 9, 2023Updated 2 years ago
- Vulnerability disclosures and proof-of-concept exploits☆29May 16, 2026Updated 2 months ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆20Apr 24, 2023Updated 3 years ago
- Active Directory forensic framework☆16May 18, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆13Jan 17, 2025Updated last year
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆58Jul 13, 2025Updated last year
- Modular User-Defined Reflective Loader (UDRL) built on Crystal Palace for controlled DLL execution and evasion research.☆30Apr 14, 2026Updated 3 months ago
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆370Feb 2, 2026Updated 5 months ago
- Cobalt Strike BOF☆58Dec 10, 2025Updated 7 months ago
- Kerberos CNAME abuse PoC☆108Jan 27, 2026Updated 5 months ago
- Payload Dropper with Persistance & Privesc & UAC bypass 🐱👤☆15Apr 8, 2024Updated 2 years ago
- Web Application Attack☆14Dec 16, 2019Updated 6 years ago
- Dominate the Active Directory game. An Active Directory environments pentest tool complementary to existing ones like NetExec.☆20Jul 9, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator☆21Jan 7, 2026Updated 6 months ago
- Active Directory engagement workspace that combines offline tradecraft, operator-ready commands, attack path analysis, and automated play…☆22Jun 24, 2026Updated 3 weeks ago
- Code and data for our paper "Onelogon: Taking over Active Directory Accounts via Netlogon" (WOOT’26).☆107Jun 22, 2026Updated 3 weeks ago
- PowerShell tool to enumerate existing exclusions in Windows Defender as low privileged user☆12Oct 14, 2024Updated last year
- InstantCrack es un motor de recuperación de hashes de alto rendimiento diseñado para realizar búsquedas instantáneas en bases de datos pr…☆26Jan 19, 2026Updated 5 months ago
- C2 frameworks for RTO, server and implants for stealth red-teaming mode.☆13Sep 11, 2024Updated last year
- Invoke-SPSI - Simple PowerShell Shellcode Injector☆38Oct 9, 2025Updated 9 months ago