Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
☆213Jan 16, 2022Updated 4 years ago
Alternatives and similar repositories for ShadowSteal
Users that are interested in ShadowSteal are comparing it to the libraries listed below
Sorting:
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆182Aug 4, 2021Updated 4 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆813Jul 26, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆867Mar 20, 2023Updated 3 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,452Dec 18, 2022Updated 3 years ago
- Exploit for HiveNightmare - CVE-2021–36934☆61Aug 22, 2025Updated 7 months ago
- ☆384Aug 19, 2021Updated 4 years ago
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,970Jul 20, 2021Updated 4 years ago
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527☆327Jul 5, 2021Updated 4 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆819Dec 14, 2023Updated 2 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆250Mar 31, 2021Updated 4 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- .NET Project for Attacking vCenter☆553Nov 11, 2021Updated 4 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆233Jun 10, 2022Updated 3 years ago
- [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.…☆177Oct 21, 2022Updated 3 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆804May 19, 2024Updated last year
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- Get file less command execution for lateral movement.☆637Jun 3, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- juicypotato for win10 > 1803 & win server 2019☆97Feb 23, 2021Updated 5 years ago
- Self-developed tools for Lateral Movement/Code Execution☆719Aug 17, 2021Updated 4 years ago
- COFF and BOF Loader written in Nim☆174Aug 1, 2022Updated 3 years ago
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆275Jan 13, 2022Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆454Dec 23, 2020Updated 5 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆426Apr 22, 2021Updated 4 years ago
- ADCS abuser☆317Feb 6, 2023Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- C# version of Powermad☆169Dec 5, 2023Updated 2 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals AutoLogon☆223Dec 5, 2020Updated 5 years ago
- Cobalt Strike Shellcode Generator☆669Jan 8, 2025Updated last year