Tools for decoding TPM SPI transaction and extracting the BitLocker key from them.
☆318Mar 8, 2022Updated 4 years ago
Alternatives and similar repositories for bitlocker-spi-toolkit
Users that are interested in bitlocker-spi-toolkit are comparing it to the libraries listed below
Sorting:
- Decrypt the bitlocker FVEK for a bitlocker encrypted drive.☆45Feb 22, 2026Updated 2 weeks ago
- A low pin count sniffer for ICEStick - targeting TPM chips☆172Jun 8, 2020Updated 5 years ago
- FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX☆1,868Jan 8, 2026Updated 2 months ago
- Code and data artifacts for our paper: "faulTPM: Exposing AMD fTPMs’ Deepest Secrets"☆116Apr 14, 2023Updated 2 years ago
- A list of public attacks on BitLocker☆414Aug 9, 2025Updated 7 months ago
- hostapd and wpa_supplicant 2.7 vulnerable to Mathy's WPA3 bugs☆23Jul 26, 2019Updated 6 years ago
- Evil client portion of EAP relay attack☆214Jul 5, 2023Updated 2 years ago
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens☆46Jun 22, 2023Updated 2 years ago
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- Execute Mimikatz with different technique☆51Nov 8, 2021Updated 4 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- libsigrok stacked Protocol Decoder for TPM 2.0 & TPM 1.2 transactions from an SPI bus. BitLocker Volume Master Key (VMK) are automaticall…☆25May 23, 2022Updated 3 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- "Golden" certificates☆708Aug 17, 2024Updated last year
- ☆76May 23, 2024Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆866Mar 20, 2023Updated 2 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,371Oct 22, 2025Updated 4 months ago
- SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers☆132Nov 10, 2023Updated 2 years ago
- AADInternals PowerShell module for administering Azure AD and Office 365☆1,599Sep 30, 2025Updated 5 months ago
- Identify the attack paths in BloodHound breaking your AD tiering☆326Nov 6, 2022Updated 3 years ago
- A tool for checking if MFA is enabled on multiple Microsoft Services☆1,635Mar 4, 2025Updated last year
- My doodles as I learn C#☆76Sep 6, 2020Updated 5 years ago
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,535Feb 5, 2026Updated last month
- Windows Privilege Escalation from User to Domain Admin.☆1,447Dec 18, 2022Updated 3 years ago
- ☆380Aug 7, 2023Updated 2 years ago
- Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.☆303Mar 4, 2020Updated 6 years ago
- Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes☆243Dec 19, 2025Updated 2 months ago
- ☆16Jul 7, 2020Updated 5 years ago
- ☆105Jul 31, 2024Updated last year
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- A collection of scripts for assessing Microsoft Azure security☆2,313Oct 29, 2025Updated 4 months ago
- PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.☆920Feb 28, 2024Updated 2 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆879Mar 29, 2021Updated 4 years ago
- Self-developed tools for Lateral Movement/Code Execution☆718Aug 17, 2021Updated 4 years ago
- Framework for Kerberos relaying☆936May 29, 2022Updated 3 years ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆300Mar 1, 2023Updated 3 years ago
- Userland API Unhooker Project☆111Jun 14, 2021Updated 4 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,042Jul 10, 2022Updated 3 years ago