Offensive-Panda / ShadowDumper
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing access to sensitive data in LSASS memory.
☆536 Updated last week
Alternatives and similar repositories for ShadowDumper
Users that are interested in ShadowDumper are comparing it to the libraries listed below
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly. ☆519 Updated last month
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework ☆595 Updated 3 weeks ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆520 Updated 11 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆409 Updated 10 months ago
- DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS… ☆417 Updated 9 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file. ☆417 Updated 7 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API ☆599 Updated 11 months ago
- Windows remote execution multitool ☆497 Updated 3 weeks ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later! ☆485 Updated 3 weeks ago
- Collection of UAC Bypass Techniques Weaponized as BOFs ☆514 Updated last year
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS). ☆549 Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC ☆359 Updated 4 months ago
- Amsi Bypass payload that works on Windows 11 ☆377 Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection ☆292 Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆414 Updated 10 months ago
- Materials for the workshop "Red Team Ops: Havoc 101" ☆377 Updated 7 months ago
- ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec… ☆254 Updated last month
- A list of Python tools to help create an OPSEC-safe Cobalt Strike profile. ☆440 Updated 2 weeks ago
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆558 Updated 5 months ago
- Useful C2 techniques and cheatsheets learned from engagements ☆510 Updated last month
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆607 Updated 2 weeks ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) ☆632 Updated 3 weeks ago
- Simulate the behavior of AV/EDR for malware development training. ☆528 Updated last year
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t… ☆378 Updated last week
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined Windows workstations where LDAP signing is not enforced (the … ☆546 Updated last year
- UAC Bypass By Abusing Kerberos Tickets ☆496 Updated last year
- Kill AV/EDR leveraging BYOVD attack ☆359 Updated last year
- Protected Process Dumper Tool ☆549 Updated last year
- Escalate Service Account To LocalSystem via Kerberos ☆395 Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. ☆314 Updated last year