BronzeBee/DavRelayUp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

BronzeBee/DavRelayUp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/BronzeBee/DavRelayUp)

Close

BronzeBee / DavRelayUpView on GitHubMore

• External links
• Readme badge

An old Windows workstations LPE for domain environments without LDAP signing/channel binding.

☆35Feb 4, 2023Updated 3 years ago

Alternatives and similar repositories for DavRelayUp

Users that are interested in DavRelayUp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Fudgedotdotdot / oceanbreeze

  View on GitHub
  ☆15Sep 4, 2024Updated last year
• mis-team / rsockspipe

  View on GitHub
  Tool for pivoting over SMB pipes
  ☆16Jul 20, 2019Updated 6 years ago
• nickvourd / Rocabella

  View on GitHub
  Sniffing files generator
  ☆62Feb 24, 2025Updated last year
• ToweringDragoon / SACL_Scanner

  View on GitHub
  SACL Scanner is a tool designed to scan and analyze SACLs.
  ☆52Feb 13, 2025Updated last year
• fortalice / modifyCertTemplate

  View on GitHub
  ADCS cert template modification and ACL enumeration
  ☆145Jun 26, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• fkasler / flik

  View on GitHub
  Automate ISSG Tool Setups
  ☆13Nov 21, 2024Updated last year
• bugch3ck / SharpLdapWhoami

  View on GitHub
  WhoAmI by asking the LDAP service on a domain controller.
  ☆66Feb 8, 2022Updated 4 years ago
• Dliv3 / cve-2019-1040-scanner

  View on GitHub
  ☆10Oct 9, 2020Updated 5 years ago
• moloch-- / memmod

  View on GitHub
  Fork of Wireguard's Memmod
  ☆17Feb 25, 2023Updated 3 years ago
• TURROKS / Maltego_Web2Screenshot

  View on GitHub
  Maltego Transforms for generating screenshots from Websites and URLs
  ☆16Apr 24, 2023Updated 3 years ago
• eversinc33 / CredGuess

  View on GitHub
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Dec 6, 2023Updated 2 years ago
• Muhammad-Ali007 / OutlookNTLM_CVE-2023-23397

  View on GitHub
  ☆22Jul 15, 2023Updated 2 years ago
• PShlyundin / ldap_shell

  View on GitHub
  AD ACL abuse
  ☆402Sep 11, 2025Updated 9 months ago
• ustayready / ShredHound

  View on GitHub
  Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
  ☆97Apr 13, 2023Updated 3 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• vnhacker1337 / evilgophish-custom

  View on GitHub
  evilginx2 + gophish
  ☆14Sep 8, 2022Updated 3 years ago
• wh0amitz / SharpRODC

  View on GitHub
  To audit the security of read-only domain controllers
  ☆119Nov 27, 2023Updated 2 years ago
• zimnyaa / beepsyscall

  View on GitHub
  An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
  ☆16Nov 1, 2023Updated 2 years ago
• N1k0la-T / CVE-2023-21707

  View on GitHub
  CVE-2023-21707 EXP
  ☆28Jul 6, 2023Updated 2 years ago
• p0dalirius / MSSQL-Analysis-Coerce

  View on GitHub
  A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.
  ☆133Oct 1, 2023Updated 2 years ago
• hadrian3689 / looney-tunables-CVE-2023-4911

  View on GitHub
  ☆29Oct 15, 2023Updated 2 years ago
• hausec / Set-RBCDBytes

  View on GitHub
  ☆18Nov 24, 2020Updated 5 years ago
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆189Jan 26, 2023Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• ajm4n / TermHound

  View on GitHub
  ☆26Nov 8, 2024Updated last year
• OleFredrik1 / remoteKrbRelayx

  View on GitHub
  A tool for coercing and relaying Kerberos authentication over DCOM and RPC.
  ☆150Jul 17, 2025Updated 10 months ago
• TheTechRobo / discord-urls-extractor

  View on GitHub
  Rust program for extracting most URLs from Discord scrapes. Works with Discord History Tracker, discard2, and DiscordChatExporter.
  ☆21Dec 19, 2024Updated last year
• eversinc33 / SharpStartWebclient

  View on GitHub
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆79Feb 8, 2023Updated 3 years ago
• garrettfoster13 / wtftp

  View on GitHub
  wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).
  ☆34Jan 22, 2026Updated 4 months ago
• werdhaihai / AtlasReaper

  View on GitHub
  A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
  ☆273Sep 14, 2023Updated 2 years ago
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆573Jun 5, 2023Updated 3 years ago
• peiga / DumpThatLSASS

  View on GitHub
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆32Sep 24, 2022Updated 3 years ago
• VasilyKaiser / aquasily

  View on GitHub
  A Tool for Domain Flyovers - my version of michenriksen's aquatone
  ☆10May 1, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Syslifters / split-bloodhound

  View on GitHub
  ☆18Sep 14, 2023Updated 2 years ago
• AlmondOffSec / PassTheCert

  View on GitHub
  Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆756Sep 3, 2025Updated 9 months ago
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆171Oct 5, 2024Updated last year
• pkb1s / SharpRelay

  View on GitHub
  ☆182Feb 3, 2021Updated 5 years ago
• CICADA8-Research / LogHunter

  View on GitHub
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆81Jun 11, 2024Updated 2 years ago
• mdsecactivebreach / Farmer

  View on GitHub
  ☆421Apr 28, 2021Updated 5 years ago
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year