JPG0mez / ADCSyncLinks
Use ESC1 to perform a makeshift DCSync and dump hashes
☆209Updated last year
Alternatives and similar repositories for ADCSync
Users that are interested in ADCSync are comparing it to the libraries listed below
Sorting:
- ☆231Updated last year
- Attempt at Obfuscated version of SharpCollection☆223Updated this week
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆332Updated 11 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆294Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆336Updated 11 months ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆175Updated 2 years ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆207Updated last year
- ☆213Updated last year
- ☆227Updated last year
- Havoc C2 profile generator☆99Updated 3 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆282Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe☆239Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆258Updated last year
- My implementation of the GIUDA project in C++☆187Updated 2 years ago
- ACL abuse swiss-knife☆123Updated 2 years ago
- Library of BOFs to interact with SQL servers☆208Updated last week
- Set of python scripts which perform different ways of command execution via WMI protocol.☆162Updated 2 years ago
- Lateral Movement☆124Updated last year
- Active Directory Authentication Library☆79Updated 2 weeks ago
- ☆100Updated 2 years ago
- psexecsvc - a python implementation of PSExec's native service implementation☆217Updated 8 months ago
- Tool for viewing NTDS.dit☆183Updated 7 months ago
- ☆219Updated last year
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258Updated 2 years ago
- ☆160Updated last year
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆199Updated last year
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆203Updated 9 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆218Updated last year
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆223Updated last year
- Evasive Golang Loader☆138Updated last year