Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
☆210Jan 16, 2022Updated 4 years ago
Alternatives and similar repositories for ShadowSteal
Users that are interested in ShadowSteal are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆180Aug 4, 2021Updated 4 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆833Jul 26, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆876Mar 20, 2023Updated 3 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,462Dec 18, 2022Updated 3 years ago
- Exploit for HiveNightmare - CVE-2021–36934☆60Aug 22, 2025Updated 10 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆382Aug 19, 2021Updated 4 years ago
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527☆325Jul 5, 2021Updated 4 years ago
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,992Jul 20, 2021Updated 4 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆823Dec 14, 2023Updated 2 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆139Nov 4, 2020Updated 5 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆249Mar 31, 2021Updated 5 years ago
- ☆188Jan 5, 2021Updated 5 years ago
- ☆182Feb 3, 2021Updated 5 years ago
- .NET Project for Attacking vCenter☆559Nov 11, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 5 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆234Jun 10, 2022Updated 4 years ago
- [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.…☆177Oct 21, 2022Updated 3 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆801May 19, 2024Updated 2 years ago
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 5 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆219May 3, 2023Updated 3 years ago
- Get file less command execution for lateral movement.☆636Jun 3, 2022Updated 4 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆148Nov 21, 2021Updated 4 years ago
- juicypotato for win10 > 1803 & win server 2019☆97Feb 23, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Self-developed tools for Lateral Movement/Code Execution☆723Aug 17, 2021Updated 4 years ago
- COFF and BOF Loader written in Nim☆176Apr 4, 2026Updated 2 months ago
- C# Lsass parser☆297Oct 13, 2021Updated 4 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 5 years ago
- Spray a hash via smb to check for local administrator access☆143Feb 7, 2021Updated 5 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆276Jan 13, 2022Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆457Dec 23, 2020Updated 5 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆428Apr 22, 2021Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ADCS abuser☆322Feb 6, 2023Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 3 years ago
- C# version of Powermad☆172Dec 5, 2023Updated 2 years ago
- Remotely enables Restricted Admin Mode☆214Sep 3, 2021Updated 4 years ago
- ☆100Aug 23, 2021Updated 4 years ago
- Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals AutoLogon☆225Dec 5, 2020Updated 5 years ago
- Cobalt Strike Shellcode Generator☆668Jan 8, 2025Updated last year