MWR-CyberSec / AD-CS-Forest-ExploiterLinks
Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
☆96Updated last year
Alternatives and similar repositories for AD-CS-Forest-Exploiter
Users that are interested in AD-CS-Forest-Exploiter are comparing it to the libraries listed below
Sorting:
- List of some AD tools I frequently use☆47Updated last month
- Active Directory Authentication Library☆78Updated 2 weeks ago
- Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit☆55Updated 2 months ago
- A GUI wrapper inside of Havoc to interact with bloodhound CE☆71Updated last year
- ☆86Updated 3 weeks ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆72Updated last year
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆58Updated 3 weeks ago
- Lateral Movement☆124Updated last year
- ☆57Updated 8 months ago
- Dump Windows SAM hashes☆42Updated last year
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆105Updated last month
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆82Updated 10 months ago
- Proof of Concept Exploit for CVE-2024-9464☆45Updated 9 months ago
- Convert your shellcode into an ASCII string☆102Updated last month
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- Duplicate not owned Token from Running Process☆72Updated 2 years ago
- PfSense Stored XSS lead to Arbitrary Code Execution exploit☆47Updated 6 months ago
- RCE through a race condition in Apache Tomcat☆56Updated 7 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆174Updated 2 months ago
- ☆68Updated 6 months ago
- ☆159Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated last year
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆85Updated 4 months ago
- PowerShell Reverse Shell☆78Updated 2 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆122Updated 9 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated last year
- ☆43Updated 2 weeks ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆114Updated last year
- ☆68Updated 2 months ago