Active Directory certificate abuse
☆43Oct 9, 2022Updated 3 years ago
Alternatives and similar repositories for CertifyKit
Users that are interested in CertifyKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- TokenCert☆102Nov 15, 2024Updated last year
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆45Jan 10, 2024Updated 2 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆131Jan 14, 2023Updated 3 years ago
- ☆25Jul 2, 2024Updated last year
- ☆44Oct 16, 2023Updated 2 years ago
- 用Go开发的Java字节码解析器,和“javap”命令作用一致 Java class file parser plays the same role as "javap"☆18Oct 17, 2017Updated 8 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆268Apr 8, 2025Updated 11 months ago
- CPP AV/EDR Killer☆480Nov 28, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆112Jul 15, 2023Updated 2 years ago
- OPSEC safe Kerberoasting in C#☆198Jun 14, 2022Updated 3 years ago
- 👻inject_und3ad -- 蚁剑(AntSword)插件☆24Aug 8, 2019Updated 6 years ago
- Installing wazuh SIEM Unified XDR and SIEM protection☆33Jun 3, 2025Updated 9 months ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆58Feb 20, 2022Updated 4 years ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆26Apr 21, 2025Updated 11 months ago
- ☆123Oct 9, 2023Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆42Sep 23, 2025Updated 6 months ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- BurpSuite Rpc 算法转发插件☆17Jan 4, 2023Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- Python tool to automatically perform SPN-less RBCD attacks.☆126Jan 7, 2026Updated 2 months ago
- .NET wrapper around LogonUserA to test creds☆12Jun 2, 2022Updated 3 years ago
- ☆38Jun 5, 2023Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post☆239Nov 7, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆384Dec 13, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Performing Indirect Clean Syscalls☆605Apr 19, 2023Updated 2 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆376Sep 20, 2025Updated 6 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆78Dec 23, 2023Updated 2 years ago
- New exploitation tricks for hardened .NET Remoting servers☆31Aug 5, 2025Updated 7 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- ☆127Jan 23, 2025Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- Just another Process Injection using Process Hollowing technique.☆18Sep 18, 2023Updated 2 years ago