Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
☆213Jan 16, 2022Updated 4 years ago
Alternatives and similar repositories for ShadowSteal
Users that are interested in ShadowSteal are comparing it to the libraries listed below
Sorting:
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Aug 4, 2021Updated 4 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆809Jul 26, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…��☆864Mar 20, 2023Updated 2 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,439Dec 18, 2022Updated 3 years ago
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527☆327Jul 5, 2021Updated 4 years ago
- Exploit for HiveNightmare - CVE-2021–36934☆61Aug 22, 2025Updated 6 months ago
- ☆385Aug 19, 2021Updated 4 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆816Dec 14, 2023Updated 2 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,966Jul 20, 2021Updated 4 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆251Mar 31, 2021Updated 4 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆232Jun 10, 2022Updated 3 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- juicypotato for win10 > 1803 & win server 2019☆97Feb 23, 2021Updated 5 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆805May 19, 2024Updated last year
- [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.…☆177Oct 21, 2022Updated 3 years ago
- Get file less command execution for lateral movement.☆636Jun 3, 2022Updated 3 years ago
- ADCS abuser☆314Feb 6, 2023Updated 3 years ago
- Self-developed tools for Lateral Movement/Code Execution☆718Aug 17, 2021Updated 4 years ago
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 4 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆426Apr 22, 2021Updated 4 years ago
- .NET Project for Attacking vCenter☆553Nov 11, 2021Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆454Dec 23, 2020Updated 5 years ago
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- Tools for Kerberos PKINIT and relaying to AD CS☆882Jan 3, 2025Updated last year
- ☆101Aug 23, 2021Updated 4 years ago
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆2,179Aug 15, 2024Updated last year
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆276Jan 13, 2022Updated 4 years ago
- Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals AutoLogon☆223Dec 5, 2020Updated 5 years ago
- Hide your payload in DNS☆615May 3, 2023Updated 2 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,041Jul 10, 2022Updated 3 years ago