Alternatives and similar repositories for CVE-2022-33679

Users that are interested in CVE-2022-33679 are comparing it to the libraries listed below

• Z4kSec / Masky

  View on GitHub
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆399Aug 15, 2025Updated 6 months ago
• decoder-it / LocalPotato

  View on GitHub
  ☆705Nov 7, 2023Updated 2 years ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆647Mar 20, 2024Updated last year
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆301Oct 26, 2022Updated 3 years ago
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆939May 29, 2022Updated 3 years ago
• antonioCoco / JuicyPotatoNG

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆938Nov 12, 2022Updated 3 years ago
• BeichenDream / PrintNotifyPotato

  View on GitHub
  PrintNotifyPotato
  ☆539Dec 2, 2022Updated 3 years ago
• AlmondOffSec / PassTheCert

  View on GitHub
  Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆725Sep 3, 2025Updated 5 months ago
• Wh04m1001 / DFSCoerce

  View on GitHub
  ☆827Sep 9, 2022Updated 3 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆313Nov 29, 2023Updated 2 years ago
• ly4k / PassTheChallenge

  View on GitHub
  Recovering NTLM hashes from Credential Guard
  ☆374Dec 26, 2022Updated 3 years ago
• testanull / ProxyNotShell-PoC

  View on GitHub
  ☆415Nov 18, 2022Updated 3 years ago
• d3lb3 / KeeFarceReborn

  View on GitHub
  A standalone DLL that exports databases in cleartext once injected in the KeePass process.
  ☆302Mar 1, 2023Updated 2 years ago
• zyn3rgy / LdapRelayScan

  View on GitHub
  Check for LDAP protections regarding the relay of NTLM authentication
  ☆532Nov 19, 2024Updated last year
• wh0amitz / PetitPotato

  View on GitHub
  Local privilege escalation via PetitPotam (Abusing impersonate privileges).
  ☆453Mar 30, 2023Updated 2 years ago
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆402Sep 14, 2023Updated 2 years ago
• wh0amitz / KRBUACBypass

  View on GitHub
  UAC Bypass By Abusing Kerberos Tickets
  ☆508Aug 10, 2023Updated 2 years ago
• synacktiv / GPOddity

  View on GitHub
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆358Dec 13, 2025Updated 2 months ago
• Dec0ne / ShadowSpray

  View on GitHub
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆482Oct 14, 2022Updated 3 years ago
• CCob / Volumiser

  View on GitHub
  ☆424Apr 22, 2025Updated 9 months ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆417Jan 27, 2024Updated 2 years ago
• cube0x0 / noPac

  View on GitHub
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆1,397Dec 16, 2021Updated 4 years ago
• Dec0ne / KrbRelayUp

  View on GitHub
  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…
  ☆1,628Aug 6, 2022Updated 3 years ago
• daem0nc0re / TangledWinExec

  View on GitHub
  PoCs and tools for investigation of Windows process execution techniques
  ☆953Feb 2, 2026Updated 2 weeks ago
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,255Jan 5, 2026Updated last month
• p0dalirius / Coercer

  View on GitHub
  A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
  ☆2,174Jan 5, 2026Updated last month
• eladshamir / Whisker

  View on GitHub
  Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …
  ☆930Nov 11, 2024Updated last year
• evilashz / CheeseOunce

  View on GitHub
  Coerce Windows machines auth via MS-EVEN
  ☆171Jan 17, 2024Updated 2 years ago
• Mayyhem / SharpSCCM

  View on GitHub
  A C# utility for interacting with SCCM
  ☆682Aug 20, 2025Updated 5 months ago
• foxlox / GIUDA

  View on GitHub
  Ask a TGS on behalf of another user without password
  ☆482Mar 30, 2025Updated 10 months ago
• p0dalirius / windows-coerced-authentication-methods

  View on GitHub
  A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…
  ☆590Jan 31, 2025Updated last year
• safebuffer / sam-the-admin

  View on GitHub
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆1,040Jul 10, 2022Updated 3 years ago
• nettitude / SharpWSUS

  View on GitHub
  ☆477Nov 20, 2022Updated 3 years ago
• login-securite / DonPAPI

  View on GitHub
  Dumping DPAPI credz remotely
  ☆1,318Mar 24, 2025Updated 10 months ago
• nettitude / MalSCCM

  View on GitHub
  ☆252Sep 28, 2023Updated 2 years ago
• zblurx / dploot

  View on GitHub
  DPAPI looting remotely and locally in Python
  ☆540Oct 7, 2025Updated 4 months ago
• bats3c / ADCSPwn

  View on GitHub
  A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…
  ☆863Mar 20, 2023Updated 2 years ago
• Tw1sm / RITM

  View on GitHub
  Roast in the Middle
  ☆295Sep 19, 2025Updated 4 months ago
• p0dalirius / MSSQL-Analysis-Coerce

  View on GitHub
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆133Oct 1, 2023Updated 2 years ago