A Windows potato to privesc
☆391Aug 26, 2024Updated last year
Alternatives and similar repositories for CoercedPotato
Users that are interested in CoercedPotato are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆402Feb 6, 2023Updated 3 years ago
- Fileless atexec, no more need for port 445☆406Mar 28, 2024Updated last year
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆226Nov 23, 2023Updated 2 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- ☆2,214Nov 24, 2023Updated 2 years ago
- New generation of wmiexec.py☆1,269Jan 5, 2026Updated 2 months ago
- ☆705Nov 7, 2023Updated 2 years ago
- PrintNotifyPotato☆539Dec 2, 2022Updated 3 years ago
- Bypassing UAC with SSPI Datagram Contexts☆465Sep 24, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- ☆342Nov 10, 2025Updated 4 months ago
- ☆234Nov 13, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆685Oct 23, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆438Dec 21, 2023Updated 2 years ago
- ☆244May 5, 2024Updated last year
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- 添加计划任务方法集合☆310Aug 6, 2023Updated 2 years ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆585Mar 19, 2024Updated 2 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Windows Token Stealing Expert☆486Nov 24, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆617Jan 2, 2025Updated last year
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆819Dec 14, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆555Feb 1, 2024Updated 2 years ago
- A Custom CLR Assembly for MSSQL of the popular tool GodPotato☆82Jun 19, 2023Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆407Sep 12, 2023Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 3 months ago
- xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作,上传,job等相应操作。☆195Nov 25, 2023Updated 2 years ago
- Pillager是一个适用于后渗透期间的信息收集工具☆1,271Sep 7, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- 域内自动化信息搜集利用工具☆468Oct 24, 2023Updated 2 years ago
- 一个浏览器数据(密码|历史记录|Cookie|书签|下载记录)的导出工具,支持主流浏览器。☆792Nov 15, 2024Updated last year
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆451Mar 11, 2024Updated 2 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆135Nov 30, 2022Updated 3 years ago
- 寻找可利用的白文件☆559Aug 18, 2025Updated 7 months ago
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆537Nov 14, 2025Updated 4 months ago
- golang 实现的windows and linux 端口复用工具。☆310Jan 30, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆98Mar 20, 2023Updated 3 years ago