C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD connect database.
☆46Jun 24, 2023Updated 2 years ago
Alternatives and similar repositories for DumpAADSyncCreds
Users that are interested in DumpAADSyncCreds are comparing it to the libraries listed below
Sorting:
- ☆81Dec 24, 2021Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- Windows 7/2008 R2 EoP☆13Feb 12, 2021Updated 5 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆204Feb 23, 2022Updated 4 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- MS-FSRVP coercion abuse PoC☆302Dec 30, 2021Updated 4 years ago
- Abuse Azure API permissions for red teaming☆71Jan 24, 2023Updated 3 years ago
- Windows Access token manipulation tool made in C#☆24Aug 24, 2025Updated 6 months ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Tunnellable HTTP/HTTPS socks5 proxy written in C#☆27Feb 18, 2021Updated 5 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Apr 8, 2022Updated 3 years ago
- A Windows tool that converts LDIF files to BloodHound CE☆27Dec 20, 2025Updated 2 months ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆49Dec 31, 2021Updated 4 years ago
- Modified version of Pypykatz to print encrypted credentials☆56Dec 26, 2022Updated 3 years ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆40Oct 6, 2021Updated 4 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆21Nov 24, 2020Updated 5 years ago
- resource-based constrained delegation RBCD☆46Jan 15, 2022Updated 4 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago
- NanoCore rat stub source code☆39May 25, 2022Updated 3 years ago
- C# shellcode runner adapted to run from a csproj to be triggered by MSBuild☆27Feb 11, 2022Updated 4 years ago
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆87Feb 17, 2022Updated 4 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- C# Data Collector for the BloodHound Project, Version 3☆37Dec 28, 2021Updated 4 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- C# 编写的用于 Dropbox 文件上传☆20Jan 16, 2022Updated 4 years ago
- wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).☆30Jan 22, 2026Updated last month
- WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.☆13Oct 24, 2022Updated 3 years ago
- Silent Cleanup UAC Bypass POC☆11Dec 15, 2019Updated 6 years ago
- SAMR修改域内主机密码☆10Feb 27, 2022Updated 4 years ago
- ☆23Aug 31, 2022Updated 3 years ago
- BOF内存运行exe☆31Jun 19, 2023Updated 2 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- 根据攻防以及域信息收集经验dump快而有用的域信息☆103Aug 15, 2023Updated 2 years ago