JPG0mez / ADCSyncLinks
Use ESC1 to perform a makeshift DCSync and dump hashes
☆209Updated last year
Alternatives and similar repositories for ADCSync
Users that are interested in ADCSync are comparing it to the libraries listed below
Sorting:
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆302Updated 6 months ago
- ☆226Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆306Updated 6 months ago
- ☆203Updated last year
- Attempt at Obfuscated version of SharpCollection☆216Updated last week
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆200Updated 7 months ago
- ☆219Updated 7 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆239Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆231Updated 2 weeks ago
- Cobalt Strike BOF for evasive .NET assembly execution☆249Updated 2 months ago
- ☆159Updated 6 months ago
- Active Directory Authentication Library☆73Updated last month
- Continuous password spraying tool☆186Updated 3 months ago
- psexecsvc - a python implementation of PSExec's native service implementation☆200Updated 3 months ago
- Tool for viewing NTDS.dit☆167Updated 2 months ago
- ACL abuse swiss-knife☆123Updated 2 years ago
- ☆117Updated 2 months ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆177Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆256Updated 2 years ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆83Updated 3 years ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆186Updated 9 months ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆303Updated last week
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆205Updated last year
- Lateral Movement☆125Updated last year
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- Havoc C2 profile generator☆89Updated 7 months ago
- TeamServer and Client of Exploration Command and Control Framework☆128Updated last week
- Powershell version of SharpGPOAbuse☆78Updated 4 years ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 3 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆161Updated last month