☆74Jun 17, 2025Updated 9 months ago
Alternatives and similar repositories for RoastInTheMiddle
Users that are interested in RoastInTheMiddle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆160Feb 8, 2025Updated last year
- Roast in the Middle☆294Sep 19, 2025Updated 6 months ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Jun 22, 2022Updated 3 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆733Sep 3, 2025Updated 6 months ago
- ☆18Jul 3, 2020Updated 5 years ago
- Simple BOF to read the protection level of a process☆119May 10, 2023Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆399Aug 15, 2025Updated 7 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆131Jan 14, 2023Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- ☆418Apr 28, 2021Updated 4 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Jun 21, 2022Updated 3 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- ☆254Sep 28, 2023Updated 2 years ago
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks☆181Aug 16, 2025Updated 7 months ago
- MS-FSRVP coercion abuse PoC☆302Dec 30, 2021Updated 4 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replicat…☆29Apr 26, 2023Updated 2 years ago
- ☆224Oct 22, 2023Updated 2 years ago
- A C# utility for interacting with SCCM☆683Aug 20, 2025Updated 7 months ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆413Mar 21, 2025Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- ☆94May 26, 2023Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆102Sep 18, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.☆18Apr 30, 2021Updated 4 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- ☆832Sep 9, 2022Updated 3 years ago