Offensive-Panda / ShadowDumperLinks
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
☆545Updated last month
Alternatives and similar repositories for ShadowDumper
Users that are interested in ShadowDumper are comparing it to the libraries listed below
Sorting:
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆524Updated last month
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆597Updated last month
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆410Updated 11 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆523Updated last year
- Extract and execute a PE embedded within a PNG file using an LNK file.☆422Updated 7 months ago
- Windows remote execution multitool☆563Updated last week
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆425Updated 10 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆491Updated last month
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆558Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆518Updated last year
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆602Updated 11 months ago
- Useful C2 techniques and cheatsheets learned from engagements☆515Updated 2 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆615Updated last month
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆361Updated 5 months ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆559Updated 5 months ago
- ☆397Updated 6 months ago
- Materials for the workshop "Red Team Ops: Havoc 101"☆380Updated 8 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆296Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆530Updated last year
- Amsi Bypass payload that works on Windwos 11☆378Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆642Updated last month
- Kill AV/EDR leveraging BYOVD attack☆361Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆417Updated 10 months ago
- UAC Bypass By Abusing Kerberos Tickets☆498Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆454Updated last month
- ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec…☆264Updated 2 months ago
- Evasive shellcode loader☆368Updated 8 months ago
- Protected Process Dumper Tool☆555Updated last year
- PoC Exploit for the NTLM reflection SMB flaw.☆347Updated last week
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆472Updated 2 months ago