Offensive-Panda / ShadowDumperLinks
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
☆561Updated 4 months ago
Alternatives and similar repositories for ShadowDumper
Users that are interested in ShadowDumper are comparing it to the libraries listed below
Sorting:
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆527Updated 5 months ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆442Updated last year
- Extract and execute a PE embedded within a PNG file using an LNK file.☆444Updated 11 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆426Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆618Updated 5 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆567Updated last year
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆608Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆557Updated last year
- Windows remote execution multitool☆706Updated last week
- HookChain: A new perspective for Bypassing EDR Solutions☆566Updated 9 months ago
- Amsi Bypass payload that works on Windwos 11��☆375Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆497Updated 4 months ago
- ☆402Updated 10 months ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆410Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆681Updated 5 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆576Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆509Updated 5 months ago
- Useful C2 techniques and cheat sheets learned from engagements☆549Updated last month
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆334Updated 6 months ago
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.☆615Updated this week
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆379Updated last week
- Protected Process Dumper Tool☆566Updated 2 years ago
- ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec…☆372Updated 5 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆436Updated last year
- AdaptixFramework Extension Kit☆261Updated last week
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆486Updated 4 months ago
- UAC Bypass By Abusing Kerberos Tickets☆499Updated 2 years ago
- PoC Exploit for the NTLM reflection SMB flaw.☆512Updated 3 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆646Updated last month
- ScareCrow - Payload creation framework designed around EDR bypass.☆338Updated 2 years ago