3gstudent / List-RDP-Connections-History
Use powershell to list the RDP Connections History of logged-in users or all users
☆260Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for List-RDP-Connections-History
- An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.☆301Updated 2 years ago
- ntlm relay attack to Exchange Web Services☆328Updated 6 years ago
- CVE-2018-8581☆370Updated 2 years ago
- initial commit☆172Updated 6 years ago
- This project is just a dumping ground for random scripts I've developed.☆137Updated 3 months ago
- A PoC WMI backdoor presented at Black Hat 2015☆270Updated 9 years ago
- ☆287Updated 4 years ago
- Powershell module to assist in attacking Exchange/Outlook Web Access☆180Updated 8 years ago
- Collection of Aggressor Scripts for Cobalt Strike☆171Updated 6 years ago
- ☆207Updated 5 years ago
- ☆272Updated 2 years ago
- Active Directory pentest scripts☆122Updated 9 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.☆168Updated last year
- A proof of concept for the RDP Inception Attack☆344Updated 7 years ago
- A collection of useful scripts for Cobalt Strike☆167Updated 3 months ago
- NTDS.dit offline dumper with non-elevated☆211Updated 6 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated 6 years ago
- The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification☆373Updated 5 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆321Updated 5 years ago
- Cobalt Strike SCT payload obfuscator☆142Updated 7 years ago
- ☆305Updated 5 years ago
- Aggregation of Cobalt Strike's aggressor scripts.☆144Updated 6 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆281Updated 7 years ago
- Exports Kerberos KrbCred Tickets for use in Mimikatz/Beacon from a Kerberos CCache File☆89Updated 9 years ago
- MSBuildShell, a Powershell Host running within MSBuild.exe☆282Updated 5 years ago
- Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.☆197Updated 6 years ago
- This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office…☆98Updated 7 years ago
- Aggressor scripts for phases of a pen test or red team assessment☆175Updated 3 months ago
- Port of eternal blue exploits to powershell☆149Updated 7 years ago
- Netview enumerates systems using WinAPI calls☆289Updated 2 years ago