The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencies.
☆172Sep 3, 2025Updated 6 months ago
Alternatives and similar repositories for ADSyncDump-BOF
Users that are interested in ADSyncDump-BOF are comparing it to the libraries listed below
Sorting:
- adws enumeration bof☆169Feb 16, 2026Updated 2 weeks ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆23Feb 26, 2026Updated last week
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 5 months ago
- ☆138Nov 17, 2025Updated 3 months ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆55Jul 13, 2025Updated 7 months ago
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆262Feb 21, 2025Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆326Oct 20, 2025Updated 4 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆167Sep 22, 2025Updated 5 months ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- ☆48Dec 5, 2025Updated 3 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆400Jul 23, 2025Updated 7 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆286Jan 12, 2026Updated last month
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆135Feb 14, 2026Updated 2 weeks ago
- ☆160Jan 27, 2025Updated last year
- ☆146Nov 6, 2025Updated 4 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆227Sep 19, 2025Updated 5 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆197Nov 4, 2025Updated 4 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- BOF to steal browser cookies & credentials☆500Feb 10, 2026Updated 3 weeks ago
- This is the tool to dump the LSASS process on modern Windows 11☆560Nov 1, 2025Updated 4 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆364Jan 29, 2026Updated last month
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆129Oct 4, 2024Updated last year
- ☆234Oct 8, 2024Updated last year
- AppLocker-Based EDR Neutralization☆323Dec 19, 2025Updated 2 months ago