LuemmelSec / ntlmrelayx.py_to_exeView external linksLinks
☆94May 26, 2023Updated 2 years ago
Alternatives and similar repositories for ntlmrelayx.py_to_exe
Users that are interested in ntlmrelayx.py_to_exe are comparing it to the libraries listed below
Sorting:
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆439Jan 4, 2025Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆565Jun 5, 2023Updated 2 years ago
- ☆242May 5, 2024Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆69Oct 10, 2025Updated 4 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- ☆235Oct 8, 2024Updated last year
- ☆341Nov 10, 2025Updated 3 months ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Simple BOF to read the protection level of a process☆118May 10, 2023Updated 2 years ago
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.☆19Apr 30, 2021Updated 4 years ago
- ☆74Jun 17, 2025Updated 7 months ago
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆725Sep 3, 2025Updated 5 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- ADCS cert template modification and ACL enumeration☆144Jun 26, 2023Updated 2 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Repository contains psexec, which will help to exploit the forgotten pipe☆171Nov 5, 2024Updated last year
- ☆160Mar 27, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆402Sep 14, 2023Updated 2 years ago
- ☆18Jan 14, 2026Updated last month
- New generation of wmiexec.py☆1,255Jan 5, 2026Updated last month
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆273Apr 17, 2023Updated 2 years ago
- A wrapper of ldap_shell.py module which in ntlmrelayx☆62Sep 22, 2022Updated 3 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 2 years ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- COFF file (BOF) for managing Kerberos tickets.☆321Jul 2, 2023Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆886Updated this week
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆381Apr 26, 2025Updated 9 months ago
- Custom Queries - Brought Up to BH4.1 syntax☆272Dec 7, 2025Updated 2 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆482Oct 14, 2022Updated 3 years ago