Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
☆212Jan 16, 2022Updated 4 years ago
Alternatives and similar repositories for ShadowSteal
Users that are interested in ShadowSteal are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆182Aug 4, 2021Updated 4 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆816Jul 26, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆872Mar 20, 2023Updated 3 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,455Dec 18, 2022Updated 3 years ago
- Exploit for HiveNightmare - CVE-2021–36934☆61Aug 22, 2025Updated 7 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆384Aug 19, 2021Updated 4 years ago
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527☆326Jul 5, 2021Updated 4 years ago
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,977Jul 20, 2021Updated 4 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆822Dec 14, 2023Updated 2 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆251Mar 31, 2021Updated 5 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- .NET Project for Attacking vCenter☆557Nov 11, 2021Updated 4 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆234Jun 10, 2022Updated 3 years ago
- [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.…☆177Oct 21, 2022Updated 3 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆804May 19, 2024Updated last year
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- Get file less command execution for lateral movement.☆637Jun 3, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- juicypotato for win10 > 1803 & win server 2019☆97Feb 23, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Self-developed tools for Lateral Movement/Code Execution☆721Aug 17, 2021Updated 4 years ago
- COFF and BOF Loader written in Nim☆173Apr 4, 2026Updated last week
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆275Jan 13, 2022Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆456Dec 23, 2020Updated 5 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆426Apr 22, 2021Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ADCS abuser☆317Feb 6, 2023Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 3 years ago
- C# version of Powermad☆170Dec 5, 2023Updated 2 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals AutoLogon☆224Dec 5, 2020Updated 5 years ago
- Cobalt Strike Shellcode Generator☆671Jan 8, 2025Updated last year