GossiTheDog / SystemNightmare
Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows
☆378Updated 3 years ago
Alternatives and similar repositories for SystemNightmare:
Users that are interested in SystemNightmare are comparing it to the libraries listed below
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆789Updated 8 months ago
- A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. T…☆942Updated 3 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆822Updated last year
- NTLM relaying for Windows made easy☆553Updated last year
- Windows Privilege Escalation from User to Domain Admin.☆1,355Updated 2 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆731Updated 3 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,554Updated 2 years ago
- Framework for Kerberos relaying☆889Updated 2 years ago
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆1,889Updated 5 months ago
- "Golden" certificates☆650Updated 5 months ago
- Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.☆300Updated 2 years ago
- SolarWinds Orion Account Audit / Password Dumping Utility☆351Updated last year
- Create fake certs for binaries using windows binaries and the power of bat files☆551Updated 10 months ago
- An Office365 User Attack Tool☆630Updated 10 months ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆353Updated 4 years ago
- Get file less command execution for lateral movement.☆608Updated 2 years ago
- Maximizing BloodHound. Max is a good boy.☆503Updated last week
- An introduction to Active Directory security☆639Updated 2 years ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆608Updated 2 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆412Updated 3 years ago
- ☆332Updated 3 years ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆840Updated 2 months ago
- Generate obfuscated meterpreter shells☆228Updated 3 years ago
- Collect information of Windows PC when doing incident response☆243Updated last year
- A PowerShell armoury for security guys and girls☆465Updated last year
- Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)☆1,030Updated 3 years ago
- CVE-2021-1675 Detection Info☆215Updated last year
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆517Updated 2 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data☆443Updated 2 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Updated last year