Offensive-Panda / ShadowDumper
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
☆418Updated last month
Alternatives and similar repositories for ShadowDumper:
Users that are interested in ShadowDumper are comparing it to the libraries listed below
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆501Updated 5 months ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆365Updated 5 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆382Updated 6 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆541Updated 6 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆500Updated 7 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆329Updated 2 months ago
- ☆332Updated last month
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆560Updated 6 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆437Updated 10 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆403Updated last month
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆557Updated 5 months ago
- Evasive shellcode loader☆315Updated 3 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆363Updated 5 months ago
- Materials for the workshop "Red Team Ops: Havoc 101"☆362Updated 3 months ago
- Simulate the behavior of AV/EDR for malware development training.☆460Updated 11 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆262Updated 8 months ago
- HookChain: A new perspective for Bypassing EDR Solutions☆475Updated last week
- Useful C2 techniques and cheatsheets learned from engagements☆458Updated 3 months ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆279Updated 8 months ago
- Kill AV/EDR leveraging BYOVD attack☆333Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆556Updated last month
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.☆163Updated 5 months ago
- Protected Process Dumper Tool☆527Updated last year
- Escalate Service Account To LocalSystem via Kerberos☆392Updated last year
- Amsi Bypass payload that works on Windwos 11☆374Updated last year
- shellcode loader for your evasion needs☆307Updated 2 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆270Updated 9 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆504Updated 9 months ago
- UAC Bypass By Abusing Kerberos Tickets☆489Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆388Updated 10 months ago