0xthirteen / WMI_Proc_DumpView external linksLinks
Dump processes over WMI with MSFT_MTProcess
☆81Updated this week
Alternatives and similar repositories for WMI_Proc_Dump
Users that are interested in WMI_Proc_Dump are comparing it to the libraries listed below
Sorting:
- Python script to leverage MSFT_MTProcess WMI class☆39Sep 17, 2025Updated 4 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆63Jan 13, 2026Updated last month
- ☆17Jan 9, 2025Updated last year
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- ☆50Jun 4, 2025Updated 8 months ago
- ☆137Nov 17, 2025Updated 2 months ago
- ☆126Sep 1, 2024Updated last year
- Dump Kerberos tickets☆44Aug 4, 2025Updated 6 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 9 months ago
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆259Updated this week
- Random BOFs for LDAP tradecraft☆72Sep 9, 2025Updated 5 months ago
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆277Jan 12, 2026Updated last month
- Python based GUI for browsing LDAP☆180Dec 7, 2025Updated 2 months ago
- Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams☆33Jan 27, 2026Updated 2 weeks ago
- ForsHops☆152Mar 25, 2025Updated 10 months ago
- ☆100Sep 1, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆165Sep 22, 2025Updated 4 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 7 months ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- ☆16Dec 7, 2025Updated 2 months ago
- This is a proof-of-work for abusing "fsmonitor" against IDE.☆43Nov 22, 2025Updated 2 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆273Dec 27, 2024Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Proof of concept for Kerberos Armoring abuse.☆78Dec 12, 2025Updated 2 months ago
- An example reference design for a proposed BOF PE☆197Jan 23, 2026Updated 3 weeks ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 6 months ago
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆655Jan 16, 2026Updated 3 weeks ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 10 months ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆50Feb 13, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆166Jul 31, 2025Updated 6 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆122Jan 17, 2026Updated 3 weeks ago
- A small How-To on creating your own weaponized WSL file☆119Jul 23, 2025Updated 6 months ago
- ☆124May 12, 2021Updated 4 years ago