Alternatives and similar repositories for ad-cve-privesc

Users that are interested in ad-cve-privesc are comparing it to the libraries listed below

• JonasBK / Powershell
  ☆43Updated 9 months ago
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆125Updated last year
• 1mm0rt41PC / Builder
  ☆15Updated 4 months ago
• x0rb3l / CVE-2023-36802-MSKSSRV-LPE
  PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy
  ☆36Updated 2 years ago
• LuemmelSec / CVE-2023-29357
  ☆53Updated 2 years ago
• AetherBlack / abuseACL
  A python script to automatically list vulnerable Windows ACEs/ACLs.
  ☆62Updated 5 months ago
• whokilleddb / injection-for-dummies
  A collection of PoCs for different injection techniques on Windows!
  ☆47Updated 2 years ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆42Updated 2 months ago
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆107Updated 3 weeks ago
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆39Updated 8 months ago
• p0dalirius / ldapconsole
  The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
  ☆64Updated 2 months ago
• felmoltor / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆32Updated 8 months ago
• ar0x4 / ysoserial.net-docker
  ysoserial.net docker image
  ☆28Updated last year
• ly4k / Impacket
  Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
  ☆19Updated 2 years ago
• mhaskar / DNSKeyGen
  A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
  ☆39Updated 2 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• hyp3rlinx / PSTrojanFile
  Unfixed Windows PowerShell Filename Code Execution POC
  ☆41Updated last year
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆91Updated 3 years ago
• Hagrid29 / CVE-2024-2432-PaloAlto-GlobalProtect-EoP
  ☆63Updated last year
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆64Updated 11 months ago
• synacktiv / bbs
  bbs is a router for SOCKS and HTTP proxies. It exposes a SOCKS5 (or HTTP CONNECT) service and forwards incoming requests to proxies or ch…
  ☆93Updated 5 months ago
• synacktiv / pcapan
  A pcap capture analysis helper
  ☆25Updated 2 years ago
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆107Updated 2 years ago
• yanncam / ShuckNT
  ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication …
  ☆75Updated last year
• decoder-it / Troopers24
  ☆41Updated last year
• Wh04m1001 / GamingServiceEoP5
  ☆29Updated last year
• MultSec / MultCheck
  Identifies bad bytes from static analysis with any Anti-Virus scanner.
  ☆129Updated last year
• skelsec / asysocks
  Socks5 / Socks4 client and server library
  ☆71Updated last month
• p0dalirius / TargetAllDomainObjects
  A python wrapper to run a command on against all users/computers/DCs of a Windows Domain
  ☆28Updated 3 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆76Updated 2 years ago