NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.
☆32Jul 16, 2021Updated 4 years ago
Alternatives and similar repositories for NTFSCopy
Users that are interested in NTFSCopy are comparing it to the libraries listed below
Sorting:
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- A PoC that uses the DirSync protocol to poll Active Directory for changes☆13Aug 16, 2020Updated 5 years ago
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆81Jun 1, 2022Updated 3 years ago
- Execute commands in other Sessions☆91Jul 29, 2024Updated last year
- ☆48Feb 11, 2023Updated 3 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- ☆19Mar 16, 2021Updated 5 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- ☆36May 27, 2024Updated last year
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- A simple script to elevate current session to SYSTEM (needs to be run as Administrator)☆16Nov 11, 2024Updated last year
- Secretsdump C# version only supporting local (live) operation☆55Apr 20, 2025Updated 11 months ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.☆27Oct 1, 2023Updated 2 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆34Aug 26, 2021Updated 4 years ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215☆17Nov 17, 2022Updated 3 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆32Feb 3, 2023Updated 3 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆28Apr 13, 2025Updated 11 months ago
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- 一键出网探测工具☆73Feb 25, 2023Updated 3 years ago
- Use to copy a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.☆119Apr 22, 2021Updated 4 years ago
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆18Apr 17, 2024Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆237Sep 3, 2023Updated 2 years ago
- Coerce Windows machines auth via MS-EVEN☆174Jan 17, 2024Updated 2 years ago
- BYOVD collection☆24Mar 20, 2024Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- ☆84Aug 26, 2024Updated last year
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 10 months ago
- ☆22Sep 9, 2018Updated 7 years ago
- ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.☆13Aug 12, 2019Updated 6 years ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆440Jan 4, 2025Updated last year
- ☆48Dec 5, 2025Updated 3 months ago
- RDPThief donut shellcode inject into mstsc☆88May 24, 2021Updated 4 years ago
- Redis primary/secondary replication RCE☆45Apr 18, 2022Updated 3 years ago