MWR-CyberSec / AD-CS-Forest-ExploiterLinks
Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
☆101Updated last year
Alternatives and similar repositories for AD-CS-Forest-Exploiter
Users that are interested in AD-CS-Forest-Exploiter are comparing it to the libraries listed below
Sorting:
- Active Directory Authentication Library☆79Updated 2 weeks ago
- ☆83Updated 5 months ago
- This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆85Updated 2 months ago
- A GUI wrapper inside of Havoc to interact with bloodhound CE☆71Updated last year
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆60Updated 3 months ago
- ☆59Updated 11 months ago
- Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit☆59Updated 5 months ago
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆116Updated 4 months ago
- ☆68Updated 9 months ago
- Lateral Movement☆124Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Updated last year
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆75Updated last year
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆87Updated 7 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆115Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆177Updated 5 months ago
- ☆44Updated last week
- ☆160Updated last year
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆82Updated last year
- ☆88Updated 3 months ago
- Advanced In-Memory PowerShell Process Injection Framework☆69Updated 3 months ago
- Personal collection of exploits and PoCs across Windows, Linux, and enterprise software.☆53Updated 3 months ago
- PoC that downloads an executable from a public SSL certificate☆127Updated 2 months ago
- Exploit for the CVE-2024-5806☆45Updated last year
- Convert your shellcode into an ASCII string☆123Updated 3 months ago
- Proof of Concept Exploit for CVE-2024-9464☆45Updated last year
- ZSH integration for Impacket☆72Updated 9 months ago
- Repo for all my exploits/PoCs☆53Updated 5 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆42Updated last year
- ☆148Updated 5 months ago