Helixo32 / GetSystem-LCI
GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstaller.
☆32Updated 3 months ago
Alternatives and similar repositories for GetSystem-LCI:
Users that are interested in GetSystem-LCI are comparing it to the libraries listed below
- Lifetime AMSI bypass.☆35Updated 8 months ago
- Source code and examples for PassiveAggression☆55Updated 9 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Updated last year
- ☆43Updated 8 months ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆36Updated 3 months ago
- Situational Awareness script to identify how and where to run implants☆46Updated 3 months ago
- ☆53Updated 4 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 9 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆23Updated 2 months ago
- Enumerate the Domain for Readable and Writable Shares☆17Updated 3 weeks ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 8 months ago
- ☆48Updated 4 months ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆73Updated 3 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 9 months ago
- Deploy a phishing infrastructure on the fly.☆68Updated 2 months ago
- ☆54Updated 4 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆107Updated 10 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆89Updated 8 months ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆31Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- Sniffing files generator☆55Updated 2 weeks ago