CICADA8-Research / LogHunter
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
☆66Updated 10 months ago
Alternatives and similar repositories for LogHunter:
Users that are interested in LogHunter are comparing it to the libraries listed below
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆80Updated 7 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated 11 months ago
- ☆54Updated 2 months ago
- ☆179Updated last month
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated last week
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆48Updated 2 months ago
- Inject RDPThief into memory with PowerShell.☆62Updated 3 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆121Updated 7 months ago
- Our Tips&Tricks☆116Updated 2 months ago
- ☆85Updated 3 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆112Updated last month
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- Tool for MSSQL relay audit and abuse☆46Updated 4 months ago
- ☆105Updated last month
- Example code samples from our ScriptBlock Smuggling Blog post☆90Updated 10 months ago
- Lateral Movement☆123Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆82Updated last year
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆75Updated 2 months ago
- ☆55Updated 6 months ago
- TokenCert☆95Updated 5 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆26Updated 3 months ago
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆56Updated last week
- Active Directory Authentication Library☆66Updated last week
- ☆106Updated 2 months ago
- ☆80Updated 9 months ago
- Source code and examples for PassiveAggression☆55Updated 11 months ago
- Morpheus is a memory dumper that extracts lsass.exe in RAM and exfiltrates it via forged NTP packets. It uses RC4 encryption and Reed-Sol…☆92Updated last month
- A Python-based tool for analyzing Active Directory security posture by processing LDAP dumps, NTDS.dit extracts, and password cracking re…☆17Updated 2 weeks ago
- ☆87Updated 11 months ago