Offensive-Panda / ShadowDumper
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing access to sensitive data in LSASS memory.
☆514, updated last month
Alternatives and similar repositories for ShadowDumper:
Users that are interested in ShadowDumper are comparing it to the libraries listed below
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly. ☆508, updated this week
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework ☆567, updated 9 months ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS… ☆378, updated 7 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API ☆579, updated 9 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆511, updated 9 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file. ☆395, updated 5 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS). ☆535, updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆394, updated 8 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs ☆490, updated last year
- Simulate the behavior of AV/EDR for malware development training. ☆518, updated last year
- HookChain: A new perspective for Bypassing EDR Solutions ☆507, updated 2 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆571, updated 8 months ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) ☆578, updated 3 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later! ☆438, updated last month
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC ☆345, updated 2 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆396, updated 8 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection ☆286, updated 10 months ago
- Protected Process Dumper Tool ☆544, updated last year
- AMSI Bypass payload that works on Windows 11 ☆375, updated last year
- Materials for the workshop "Red Team Ops: Havoc 101" ☆370, updated 5 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in… ☆509, updated 7 months ago
- A command and control framework written in Rust. ☆315, updated last month
- Useful C2 techniques and cheatsheets learned from engagements ☆484, updated this week
- Escalate Service Account To LocalSystem via Kerberos ☆395, updated last year
- AV/EDR Lab environment setup references to help in Malware development ☆370, updated last month
- A list of Python tools to help create an OPSEC-safe Cobalt Strike profile. ☆413, updated last year
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t… ☆369, updated 3 months ago