ntlm relay attack to Exchange Web Services
☆334Jan 15, 2018Updated 8 years ago
Alternatives and similar repositories for NtlmRelayToEWS
Users that are interested in NtlmRelayToEWS are comparing it to the libraries listed below
Sorting:
- An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.☆305Sep 7, 2022Updated 3 years ago
- Exchange privilege escalations to Active Directory☆806Apr 23, 2023Updated 2 years ago
- Abusing Exchange via EWS☆152Sep 14, 2020Updated 5 years ago
- A tool to abuse Exchange services☆2,300Jun 10, 2024Updated last year
- c# implementation of Active Directory Integrated DNS dumping (authenticated user)☆205May 25, 2021Updated 4 years ago
- Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.☆141Mar 7, 2018Updated 7 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- A cobaltstrike script that integrates DDEAuto Attacks☆63Oct 17, 2017Updated 8 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆526Apr 14, 2023Updated 2 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,014Jul 3, 2018Updated 7 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Aug 7, 2020Updated 5 years ago
- CVE-2019-1040 with Exchange☆253Jun 18, 2021Updated 4 years ago
- PowerShell Pass The Hash Utils☆1,724Dec 9, 2018Updated 7 years ago
- A little toolbox to play with Microsoft Kerberos in C☆1,506Dec 14, 2021Updated 4 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- Powershell module to assist in attacking Exchange/Outlook Web Access☆182Sep 22, 2016Updated 9 years ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- goddi (go dump domain info) dumps Active Directory domain information☆429May 31, 2022Updated 3 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,529Jun 30, 2023Updated 2 years ago
- Exchange your privileges for Domain Admin privs by abusing Exchange☆1,052Jan 23, 2020Updated 6 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- Socks proxy, and reverse socks server using powershell.☆805Dec 9, 2025Updated 2 months ago
- Cobalt Strike SCT payload obfuscator☆143Jul 7, 2017Updated 8 years ago
- Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell☆497Mar 15, 2023Updated 2 years ago
- Cobalt Strike cna script for randomized argument spoofing☆51Apr 4, 2019Updated 6 years ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆1,429Jul 20, 2024Updated last year
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,317Jan 18, 2021Updated 5 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 7 years ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆197Feb 1, 2021Updated 5 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,642Oct 11, 2018Updated 7 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,822Mar 17, 2021Updated 4 years ago
- Aggregation of Cobalt Strike's aggressor scripts.☆142Mar 31, 2018Updated 7 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆808Aug 28, 2022Updated 3 years ago
- PowerShell MachineAccountQuota and DNS exploit tools☆1,438Jan 11, 2023Updated 3 years ago
- A proof of concept for the RDP Inception Attack☆353Jun 29, 2017Updated 8 years ago
- My exercise of using Exchange Web Service(EWS)☆55Apr 17, 2021Updated 4 years ago
- Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.☆44Aug 7, 2020Updated 5 years ago
- PowerShell oneliner to retrieve wdigest passwords from the memory☆220Dec 11, 2017Updated 8 years ago