MzHmO / LeakedWallpaper
Leak of any user's NetNTLM hash. Fixed in KB5040434
☆250Updated 5 months ago
Alternatives and similar repositories for LeakedWallpaper:
Users that are interested in LeakedWallpaper are comparing it to the libraries listed below
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆417Updated 2 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆269Updated 2 months ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆384Updated 7 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆275Updated 2 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆261Updated 2 months ago
- Attempt at Obfuscated version of SharpCollection☆203Updated 2 weeks ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆281Updated 8 months ago
- ☆269Updated last year
- ☆162Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆202Updated 3 weeks ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆153Updated last month
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆149Updated 8 months ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆202Updated last year
- Extracting NetNTLM without touching lsass.exe☆233Updated last year
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 3 months ago
- Kill AV/EDR leveraging BYOVD attack☆335Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆136Updated 2 weeks ago
- ☆131Updated this week
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆410Updated last month
- Fileless atexec, no more need for port 445☆353Updated 10 months ago
- Evasive Golang Loader☆132Updated 6 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆179Updated 3 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆143Updated 8 months ago
- Amsi Bypass payload that works on Windwos 11☆374Updated last year
- AV bypass while you sip your Chai!☆215Updated 8 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆270Updated 8 months ago
- Multiplayer pivoting solution☆130Updated this week
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 7 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆229Updated last year
- ☆161Updated 2 months ago