NotMedic / NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
☆767Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for NetNTLMtoSilverTicket
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆704Updated 11 months ago
- Bypass for PowerShell Constrained Language Mode☆375Updated 2 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆496Updated 2 years ago
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆925Updated 5 months ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆814Updated last week
- ☆350Updated 3 years ago
- Cobalt Strike kit for Lateral Movement☆648Updated 4 years ago
- ☆349Updated 3 years ago
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,070Updated 3 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆839Updated 3 years ago
- A tool to help query AD via the LDAP protocol☆466Updated last month
- Python version of the C# tool for "Shadow Credentials" attacks☆611Updated this week
- Tools for Kerberos PKINIT and relaying to AD CS☆639Updated 7 months ago
- A .NET Framework 4.0 Windows Agent☆455Updated last week
- "Golden" certificates☆651Updated 3 months ago
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆465Updated 2 years ago
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆978Updated 3 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆425Updated 2 years ago
- C# implementation of harmj0y's PowerView☆1,012Updated 8 months ago
- OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…☆505Updated 2 years ago
- Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to☆291Updated 11 years ago
- Collection of remote authentication triggers in C#☆465Updated 6 months ago
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆348Updated 3 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆346Updated 4 years ago
- A User Impersonation tool - via Token or Shellcode injection☆403Updated 2 years ago
- ☆735Updated 2 years ago
- Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration feature…☆280Updated last year
- PowerShell Constrained Language Mode Bypass☆232Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆413Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆216Updated 2 years ago