Alternatives and similar repositories for ad-cve-privesc

Users that are interested in ad-cve-privesc are comparing it to the libraries listed below

• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆125Updated last year
• x0rb3l / CVE-2023-36802-MSKSSRV-LPE
  PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy
  ☆36Updated 2 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆63Updated last year
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆108Updated last month
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆42Updated 3 months ago
• hyp3rlinx / PSTrojanFile
  Unfixed Windows PowerShell Filename Code Execution POC
  ☆41Updated 2 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆108Updated 2 years ago
• p0dalirius / ldapconsole
  The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
  ☆64Updated 3 months ago
• p0dalirius / microsoft-rpc-fuzzing-tools
  This repository contains a list of python scripts to work with Microsoft RPC for research purposes.
  ☆50Updated 10 months ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆46Updated 3 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆87Updated 3 weeks ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• LuemmelSec / CVE-2023-29357
  ☆53Updated 2 years ago
• JonasBK / Powershell
  ☆44Updated 10 months ago
• p0dalirius / pydsinternals
  A Python native library containing necessary classes, functions and structures to interact with Windows Active Directory.
  ☆69Updated 3 weeks ago
• mlcsec / proctools
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆115Updated last year
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆146Updated last year
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆64Updated last year
• y00ga-sec / Forensike
  Remotely dump NT hashes through Windows Crash dumps
  ☆34Updated last year
• xct / SeDebugAbuse
  Get SYSTEM via SeDebugPrivilege
  ☆24Updated 3 years ago
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆121Updated last year
• wh0amitz / SharpRODC
  To audit the security of read-only domain controllers
  ☆117Updated 2 years ago
• p0dalirius / TargetAllDomainObjects
  A python wrapper to run a command on against all users/computers/DCs of a Windows Domain
  ☆28Updated 3 years ago
• bruno-1337 / SeDebugPrivilege-Exploit
  Simple C++ PoC of SeDebugPrivilege Privesc
  ☆26Updated last year
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆106Updated last year
• whokilleddb / injection-for-dummies
  A collection of PoCs for different injection techniques on Windows!
  ☆47Updated 2 years ago
• synacktiv / bbs
  bbs is a router for SOCKS and HTTP proxies. It exposes a SOCKS5 (or HTTP CONNECT) service and forwards incoming requests to proxies or ch…
  ☆94Updated 6 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆74Updated 2 years ago
• ASP4RUX / bypassEDR-AV
  ☆59Updated last year