Alternatives and similar repositories for ad-cve-privesc

Users that are interested in ad-cve-privesc are comparing it to the libraries listed below

• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆63Updated last year
• hyp3rlinx / PSTrojanFile
  Unfixed Windows PowerShell Filename Code Execution POC
  ☆41Updated last year
• decoder-it / Troopers24
  ☆41Updated last year
• horizon3ai / CVE-2024-23108
  CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection
  ☆33Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆41Updated last month
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• watchtowrlabs / CVE-2025-0282
  Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
  ☆29Updated 9 months ago
• LuemmelSec / CVE-2023-29357
  ☆52Updated 2 years ago
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆124Updated last year
• y00ga-sec / Forensike
  Remotely dump NT hashes through Windows Crash dumps
  ☆33Updated last year
• LOFL-Project / LOFLCAB
  ☆55Updated 10 months ago
• mlcsec / SigFinder
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Updated last year
• mdsecactivebreach / PleasantTools
  Tools for Attacking Pleasant Password Server
  ☆22Updated 2 years ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated last year
• mhaskar / DNSKeyGen
  A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
  ☆39Updated 2 years ago
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆64Updated 10 months ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• x0rb3l / CVE-2023-36802-MSKSSRV-LPE
  PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy
  ☆36Updated 2 years ago
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆47Updated 2 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆86Updated 3 months ago
• JonasBK / Powershell
  ☆43Updated 9 months ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆64Updated last year
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆40Updated last year
• ar0x4 / ysoserial.net-docker
  ysoserial.net docker image
  ☆28Updated last year
• ly4k / Impacket
  Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
  ☆19Updated 2 years ago
• dru1d-foofus / GetLAPSPassword
  A LAPS dumper written using the impacket library.
  ☆32Updated 2 years ago
• florianib / rusty_drivers
  BYOVD collection
  ☆23Updated last year
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆105Updated 4 months ago
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 5 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆107Updated 2 years ago