Alternatives and similar repositories for PoCs:

Users that are interested in PoCs are comparing it to the libraries listed below

• decoder-it / NetworkServiceExploit
  POC for NetworkService PrivEsc
  ☆125Updated 4 years ago
• xct / diaghub
  Loads a custom dll in system32 via diaghub.
  ☆71Updated 5 years ago
• RedCursorSecurityConsulting / CVE-2020-0668
  Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
  ☆216Updated 5 years ago
• darkr4y / SharpOffensiveShell
  A sort of simple shell which support multiple protocols.
  ☆99Updated 5 years ago
• decoder-it / juicy-potato
  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…
  ☆62Updated 6 years ago
• sailay1996 / delete2SYSTEM
  Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
  ☆123Updated 4 years ago
• fox-it / LDAPFragger
  ☆190Updated 5 years ago
• bytecod3r / Cobaltstrike-Aggressor-Scripts-Collection
  Collection of tested Cobaltstrike aggressor scripts.
  ☆115Updated 5 years ago
• blackorbird / PrintNightmare
  ☆52Updated 3 years ago
• gitjdm / dumper2020
  Yet another LSASS dumper
  ☆76Updated 4 years ago
• pkb1s / SharpAllowedToAct
  Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
  ☆188Updated 4 years ago
• uf0o / CVE-2020-17382
  PoC exploits for CVE-2020-17382
  ☆114Updated 4 years ago
• decoder-it / juicy_2
  juicypotato for win10 > 1803 & win server 2019
  ☆95Updated 4 years ago
• irsl / CVE-2020-1313
  Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
  ☆121Updated 4 years ago
• m57 / cobaltstrike_bofs
  My CobaltStrike BOFS
  ☆164Updated 2 years ago
• goichot / CVE-2020-3153
  Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal
  ☆106Updated 4 years ago
• offsecginger / AggressorScripts
  Various Aggressor Scripts I've Created.
  ☆148Updated 3 years ago
• nopfor / ntlm_challenger
  Parse NTLM challenge messages over HTTP and SMB
  ☆144Updated 2 years ago
• Cerbersec / DomainBorrowingC2
  ☆167Updated 3 years ago
• xpn / Powershell-PostExploitation
  Scripts created to help with post exploitation of a Windows host
  ☆97Updated 4 years ago
• cube0x0 / CVE-2020-1472
  ☆38Updated 4 years ago
• rsmudge / ZeroLogon-BOF
  ☆157Updated 2 years ago
• 0neb1n / CVE-2020-16947
  PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)
  ☆124Updated 4 years ago
• anthemtotheego / C_Shot
  ☆112Updated 4 years ago
• S3cur3Th1sSh1t / NamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆143Updated 3 years ago
• rxwx / spoolsystem
  Print Spooler Named Pipe Impersonation for Cobalt Strike
  ☆263Updated 4 years ago
• sailay1996 / RpcSsImpersonator
  Privilege Escalation Via RpcSs svc
  ☆177Updated 3 years ago
• FatRodzianko / Get-RBCD-Threaded
  Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments
  ☆119Updated 3 years ago
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆231Updated 2 years ago
• CCob / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆263Updated 4 years ago