Helixo32 / GetSystem-LCI
GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstaller.
☆30Updated 2 months ago
Alternatives and similar repositories for GetSystem-LCI:
Users that are interested in GetSystem-LCI are comparing it to the libraries listed below
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 7 months ago
- Source code and examples for PassiveAggression☆55Updated 8 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Updated last year
- Lifetime AMSI bypass.☆35Updated 7 months ago
- ☆52Updated 3 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 8 months ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆35Updated 2 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆22Updated last month
- Situational Awareness script to identify how and where to run implants☆45Updated 2 months ago
- Tool to aid in dumping LSASS process remotely☆38Updated 6 months ago
- Duplicate not owned Token from Running Process☆72Updated last year
- ☆48Updated 3 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆104Updated 10 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆88Updated 8 months ago
- Brief writeup of post exploitation methodologies.☆17Updated last year
- Construct the payload at runtime using an array of offsets☆61Updated 8 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 7 months ago
- ☆54Updated 3 months ago
- A repository with my code snippets for research/education purposes.☆50Updated last year
- PowerShell Reverse Shell☆61Updated last year
- Deploy a phishing infrastructure on the fly.☆68Updated last month
- ☆74Updated 6 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆68Updated 9 months ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆73Updated 3 months ago
- Adversary Emulation Framework☆66Updated 6 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- ☆43Updated 7 months ago