Find world writable directories that contain a .exe or .dll file
☆13Aug 31, 2021Updated 4 years ago
Alternatives and similar repositories for Get-Writable
Users that are interested in Get-Writable are comparing it to the libraries listed below
Sorting:
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆17Jul 27, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 7 months ago
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆14Feb 23, 2022Updated 4 years ago
- time-based user enum via Basic Auth in Azure against Autodiscover☆34Oct 3, 2024Updated last year
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆59Apr 13, 2023Updated 2 years ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 5 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆57Updated this week
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- A tool to interact with Kerberos to request, forge and convert various types of tickets in an Active Directory environment.☆67Jun 10, 2025Updated 9 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- The command prompt has been disabled by your administrator☆42May 18, 2023Updated 2 years ago
- Exploiting the KsecDD Windows driver through Server Silos☆77Nov 11, 2024Updated last year
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments☆132Aug 10, 2021Updated 4 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago
- Some stuff for PHD2021☆14May 21, 2025Updated 10 months ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Smart Card PIN swiping DLL☆78Oct 4, 2020Updated 5 years ago
- ☆15Jan 26, 2023Updated 3 years ago
- ☆42Apr 22, 2021Updated 4 years ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Random scripts for azure stuff☆14Oct 12, 2022Updated 3 years ago
- ☆38Jan 7, 2025Updated last year
- A 64 bit executable junk code engine for polymorphic malware.☆77Jun 16, 2025Updated 9 months ago
- It records your terminal, then lets you upload to ASHIRT☆29Mar 12, 2026Updated last week
- A simple Linux in-memory .so loader☆33Mar 29, 2023Updated 2 years ago