A Windows potato to privesc
☆391Aug 26, 2024Updated last year
Alternatives and similar repositories for CoercedPotato
Users that are interested in CoercedPotato are comparing it to the libraries listed below
Sorting:
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆400Feb 6, 2023Updated 3 years ago
- ☆707Nov 7, 2023Updated 2 years ago
- ☆2,202Nov 24, 2023Updated 2 years ago
- New generation of wmiexec.py�☆1,254Jan 5, 2026Updated last month
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆461Sep 24, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 9 months ago
- ☆341Nov 10, 2025Updated 3 months ago
- PrintNotifyPotato☆539Dec 2, 2022Updated 3 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆586Mar 19, 2024Updated last year
- ☆242May 5, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- Windows Token Stealing Expert☆486Nov 24, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- ☆234Nov 13, 2024Updated last year
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆816Dec 14, 2023Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆508Aug 10, 2023Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 2 months ago
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆554Feb 1, 2024Updated 2 years ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Pillager是一个适用于后渗透期间的信息收集工具☆1,268Sep 7, 2024Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆407Sep 12, 2023Updated 2 years ago
- Local privilege escalation from SeImpersonatePrivilege using EfsRpc.☆337Oct 17, 2022Updated 3 years ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆462Aug 17, 2024Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- 域内自动化信息搜集利用工具☆468Oct 24, 2023Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago