Offensive-Panda / ShadowDumperLinks
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
☆568Updated 7 months ago
Alternatives and similar repositories for ShadowDumper
Users that are interested in ShadowDumper are comparing it to the libraries listed below
Sorting:
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆532Updated last month
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆451Updated last year
- Extract and execute a PE embedded within a PNG file using an LNK file.☆463Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆628Updated 7 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆620Updated last year
- Windows remote execution multitool☆762Updated 3 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆587Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆443Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions☆579Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆589Updated last year
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆580Updated last year
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.☆786Updated 2 months ago
- PoC Exploit for the NTLM reflection SMB flaw.☆614Updated 6 months ago
- ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec…☆387Updated 8 months ago
- AdaptixFramework Extension Kit☆350Updated last week
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆529Updated 7 months ago
- Stealthily inject shellcode into an executable☆431Updated 2 months ago
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆390Updated 9 months ago
- Tool to remotely dump secrets from the Windows registry☆519Updated last month
- ☆409Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆504Updated 7 months ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆694Updated 7 months ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆529Updated last month
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆659Updated 4 months ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆396Updated 3 months ago
- Simulate the behavior of AV/EDR for malware development training.☆556Updated last year
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆444Updated last year
- Amsi Bypass payload that works on Windwos 11☆377Updated 2 years ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆511Updated last year
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆524Updated last month