RayRRT / Active-Directory-Certificate-Services-abuse
☆42Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Active-Directory-Certificate-Services-abuse
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- ☆77Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆72Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 10 months ago
- ☆89Updated 2 years ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆13Updated 2 years ago
- ☆61Updated 2 years ago
- Automating payload generation for OSEP labs and exam.☆34Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Updated last month
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆78Updated 7 months ago
- Execute commands in other Sessions☆81Updated 3 months ago
- C# havoc implant☆96Updated last year
- ☆138Updated 2 years ago
- ☆92Updated 9 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆66Updated last year
- Active Directory certificate abuse.☆36Updated 2 years ago
- To audit the security of read-only domain controllers☆113Updated 11 months ago
- Library of BOFs to interact with SQL servers☆146Updated this week
- ☆59Updated 4 months ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆78Updated 2 years ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆28Updated last year
- ☆87Updated 2 months ago
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆86Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆123Updated 8 months ago
- ☆94Updated last year
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆35Updated last year
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆102Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago