BlackSnufkin / Invoke-DumpMDEConfigLinks
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required )
☆150Updated last year
Alternatives and similar repositories for Invoke-DumpMDEConfig
Users that are interested in Invoke-DumpMDEConfig are comparing it to the libraries listed below
Sorting:
- Continuous password spraying tool☆192Updated 5 months ago
- An interactive shell to spoof some LOLBins command line☆185Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆174Updated 3 months ago
- Enhance Your Active Directory Password Spraying with User Intelligence.☆132Updated 3 weeks ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- Our Tips&Tricks☆125Updated 6 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆205Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆167Updated 10 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆265Updated 9 months ago
- ☆74Updated 3 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆168Updated 4 months ago
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆163Updated last month
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆192Updated last month
- Azure Post Exploitation Framework☆204Updated 5 months ago
- ☆105Updated 11 months ago
- Inject RDPThief into memory with PowerShell.☆65Updated 7 months ago
- Enumerate Domain Users Without Authentication☆258Updated 4 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆213Updated 10 months ago
- ☆112Updated 2 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆96Updated 3 months ago
- A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …☆206Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆153Updated 3 weeks ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆151Updated 6 months ago
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆106Updated 2 months ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆179Updated last year
- Python alternative to Mimikatz lsadump::dcshadow☆146Updated 2 months ago
- PoC that downloads an executable from a public SSL certificate☆125Updated 3 weeks ago
- Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler☆107Updated last month
- ☆193Updated 3 months ago