S3cur3Th1sSh1t / SharpVeeamDecryptor
Decrypt Veeam database passwords
☆154Updated last year
Related projects ⓘ
Alternatives and complementary repositories for SharpVeeamDecryptor
- Two in one, patch lifetime powershell console, no more etw and amsi!☆79Updated 4 months ago
- Lateral Movement☆119Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆72Updated 9 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆78Updated 7 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆83Updated 5 months ago
- ☆92Updated 9 months ago
- Lateral Movement via the .NET Profiler☆76Updated this week
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆66Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- ☆66Updated 3 months ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆89Updated last year
- Abuse Azure API permissions for red teaming☆58Updated last year
- Source code and examples for PassiveAggression☆54Updated 5 months ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆45Updated 8 months ago
- ☆83Updated 6 months ago
- TokenCert☆83Updated last week
- To audit the security of read-only domain controllers☆113Updated 11 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆162Updated last month
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆57Updated 5 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆88Updated last month
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆130Updated 2 months ago
- C# havoc implant☆96Updated last year
- ☆36Updated last month
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆113Updated 4 months ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆78Updated 2 months ago
- ☆119Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Tool for Active Directory Certificate Services enumeration and abuse☆58Updated this week