AD ACL Abuser for Havoc C2
☆25Mar 30, 2026Updated 3 months ago
Alternatives and similar repositories for acl-abuse-havoc
Users that are interested in acl-abuse-havoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- dcsync bof☆54Feb 13, 2026Updated 5 months ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago
- DevSecOps for the AI-era CI/CD pipeline. Catches the bugs your AI coding assistant introduces — before they reach production.☆20Updated this week
- BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell☆134Apr 6, 2026Updated 3 months ago
- Stack spoofing Detection for CET processes by comparing shadow and user stacks.☆36May 22, 2026Updated last month
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Active Directory forensic framework☆16May 18, 2026Updated last month
- Shellcode capable of bypassing EAF / IAF mitigations☆30Apr 11, 2023Updated 3 years ago
- abusing windows toast notifications for fun and user manipulation☆105Updated this week
- ☆18Nov 23, 2023Updated 2 years ago
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 3 months ago
- Havoc C2 BOF — WFP kernel-space SYSTEM escalation + command execution with indirect syscalls, patchless AMSI/ETW bypass, and return addre…☆79Mar 22, 2026Updated 3 months ago
- A BOF designed to inspect processes memory and addresses☆40Apr 19, 2026Updated 2 months ago
- Busybox-style Beacon Object Files for *nix post-exploitation. Reimplements common Unix utilities as BOFs for use in stripped environments…☆81Jul 5, 2026Updated last week
- psexec-like remote execution using the paexec wire protocol that supports paexec and remoteexecm2 from manageengine adselfservice plus☆43Mar 24, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Beacon Object File to Enable Chrome DevTools Protocol (CDP)☆116Jul 1, 2026Updated 2 weeks ago
- ☆141Nov 17, 2025Updated 7 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆181May 31, 2026Updated last month
- Async BOF that monitors USB device connect/disconnect events, reports device information and performs actions on connected USB storage vo…☆56Jun 17, 2026Updated 3 weeks ago
- A simple proof-of-concept Windows syscall logger using the NT instrumentation callback mechanism.☆35Mar 6, 2026Updated 4 months ago
- ☆127Sep 1, 2024Updated last year
- Transform LDAP filters, BaseDNs, attribute lists, and attribute entries using composable middleware chains. Zero dependencies. Works as a…☆42Apr 13, 2026Updated 3 months ago
- Async BOF that notifies the operator when a user connects to a local or remote target system.☆34Jun 17, 2026Updated 3 weeks ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆103Mar 20, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- .NET CLR-Stomping☆146May 20, 2026Updated last month
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated last month
- shellcode生成框架☆91Jul 11, 2024Updated 2 years ago
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆83Apr 11, 2026Updated 3 months ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆99Feb 1, 2026Updated 5 months ago
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆171Jun 28, 2026Updated 2 weeks ago
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆132Mar 27, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Packer is a compact, fast and crosss-platform serialization library for store data in a buffer☆23Aug 5, 2023Updated 2 years ago
- a BOF implementation of various registry persistence methods☆98Nov 11, 2025Updated 8 months ago
- ☆86Apr 8, 2026Updated 3 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆90Oct 20, 2025Updated 8 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆73Mar 8, 2026Updated 4 months ago
- Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by …☆273Apr 16, 2026Updated 3 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆155Apr 18, 2025Updated last year