One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/
☆159Jul 9, 2020Updated 5 years ago
Alternatives and similar repositories for incognito
Users that are interested in incognito are comparing it to the libraries listed below
Sorting:
- Kerberos TGS_REP cracker written in Golang☆57Nov 18, 2015Updated 10 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year
- New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.☆968Dec 29, 2017Updated 8 years ago
- Another Windows Local Privilege Escalation from Service Account to System☆939Nov 12, 2022Updated 3 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆611Feb 16, 2023Updated 3 years ago
- How To Execute Shellcode via HTA☆141Feb 23, 2018Updated 8 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆807Jul 6, 2020Updated 5 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- RunasCs - Csharp and open version of windows builtin runas.exe☆1,344Jul 12, 2024Updated last year
- Perform DCSync operation without mimikatz☆155Nov 5, 2024Updated last year
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆1,090May 29, 2024Updated last year
- Really stupid re-implementation of invoke-wmiexec☆217Feb 25, 2023Updated 3 years ago
- ☆11Aug 2, 2017Updated 8 years ago
- A tool to elevate privilege with Windows Tokens☆1,062Oct 6, 2023Updated 2 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆989Dec 4, 2022Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆839Dec 2, 2023Updated 2 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- Collection of remote authentication triggers in C#☆524May 15, 2024Updated last year
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- The swiss army knife of LSASS dumping☆2,071Sep 17, 2024Updated last year
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,645Oct 11, 2018Updated 7 years ago
- Tool to create hidden registry keys.☆492Oct 23, 2019Updated 6 years ago
- A small x64 library to load dll's into memory.☆457Nov 6, 2023Updated 2 years ago
- ☆615Jul 21, 2025Updated 7 months ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,631Aug 6, 2022Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,607Jul 10, 2023Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆507Aug 10, 2023Updated 2 years ago
- A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.☆634Oct 18, 2025Updated 4 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,576Jan 5, 2021Updated 5 years ago
- If you only have hash, you can still operate exchange☆78Oct 21, 2021Updated 4 years ago
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆169Jun 16, 2022Updated 3 years ago
- Hide Mimikatz From Process Lists☆20Jul 10, 2015Updated 10 years ago
- Active Directory certificate abuse.☆1,921Oct 27, 2025Updated 4 months ago