Aur3ns / LsassStealerLinks
Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testing only!
☆119Updated 5 months ago
Alternatives and similar repositories for LsassStealer
Users that are interested in LsassStealer are comparing it to the libraries listed below
Sorting:
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆154Updated last year
- Chrome browser extension-based Command & Control☆220Updated 5 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆151Updated last year
- Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation☆194Updated 2 weeks ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆209Updated last year
- ☆152Updated 6 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆156Updated last month
- Our Tips&Tricks☆127Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Updated 9 months ago
- Enumerate Domain Users Without Authentication☆277Updated 7 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆76Updated last year
- Stage 0☆165Updated 11 months ago
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆240Updated this week
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆148Updated 8 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆151Updated 4 months ago
- Active Directory Authentication Library☆84Updated 3 weeks ago
- A Mythic agent for Windows written in C☆140Updated 2 weeks ago
- Havoc C2 profile generator☆99Updated 4 months ago
- ☆197Updated 8 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆174Updated 8 months ago
- Terminate AV/EDR leveraging BYOVD attack☆102Updated 8 months ago
- Abuse leaked token handles.☆133Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆126Updated last year
- Inject RDPThief into memory with PowerShell.☆65Updated 10 months ago
- Automated .NET AppDomain hijack payload generation☆128Updated 10 months ago
- Dump processes over WMI with MSFT_MTProcess☆79Updated 2 months ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆154Updated last year
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆141Updated 4 months ago
- Lateral Movement☆125Updated 2 years ago