C-Sto / gosecretsdump
Dump ntds.dit really fast
☆365Updated 2 years ago
Related projects: ⓘ
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆461Updated 2 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆422Updated 2 years ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆733Updated 3 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆488Updated 2 years ago
- Various Cobalt Strike BOFs☆557Updated last year
- ☆341Updated 3 years ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆327Updated last year
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆435Updated 3 years ago
- Cobalt Strike kit for Lateral Movement☆640Updated 4 years ago
- Convert Cobalt Strike profiles to modrewrite scripts☆578Updated last year
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆652Updated 2 weeks ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆312Updated 4 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆427Updated last year
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆343Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆681Updated 9 months ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆262Updated 4 months ago
- Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut☆305Updated 2 years ago
- Cobalt Strike Python API☆291Updated 2 years ago
- Amplify network visibility from multiple POV of other hosts☆291Updated 5 months ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆371Updated 5 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆295Updated last year
- A User Impersonation tool - via Token or Shellcode injection☆397Updated 2 years ago
- Tools for Kerberos PKINIT and relaying to AD CS☆607Updated 5 months ago
- Bypass for PowerShell Constrained Language Mode☆359Updated 2 years ago
- Collection of Beacon Object Files☆538Updated last year
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆163Updated 2 years ago
- One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/☆142Updated 4 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆233Updated 11 months ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆457Updated last year
- Check for LDAP protections regarding the relay of NTLM authentication☆448Updated 6 months ago