PoC for CVE-2021-36934, which lets a standard user retrieve the SAM, Security, and Software registry hives in Windows 10 version 1809 or newer
☆35 · Sep 24, 2022 · Updated 3 years ago
Alternatives and similar repositories for Invoke-HiveNightmare
Users that are interested in Invoke-HiveNightmare are comparing it to the libraries listed below.
- BOF to terminate a process via PID as argument ☆28 · Sep 7, 2025 · Updated 7 months ago
- Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato ☆12 · Feb 8, 2020 · Updated 6 years ago
- Beacon Object File implementation of Yaxser's Backstab ☆15 · Mar 9, 2022 · Updated 4 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine. ☆133 · Oct 1, 2023 · Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName. ☆16 · Jun 16, 2022 · Updated 3 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump ☆22 · Jul 6, 2023 · Updated 2 years ago
- Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694) ☆18 · May 23, 2023 · Updated 2 years ago
- Halos Gate-based NTAPI Unhooker ☆52 · Apr 21, 2022 · Updated 4 years ago
- Python3 tool to perform password spraying using RDP ☆17 · Aug 14, 2023 · Updated 2 years ago
- A PowerShell script that performs reflective parent process ID (PPID) spoofing and process hollowing to evade Windows Defender ☆11 · Feb 17, 2023 · Updated 3 years ago
- Docker container escape enumeration tool. ☆12 · Jan 23, 2021 · Updated 5 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365 ☆151 · Feb 10, 2023 · Updated 3 years ago
- PoC: process watcher patterns to make killing a process hard. ☆11 · Aug 1, 2018 · Updated 7 years ago
- Library of BOFs to interact with SQL servers ☆16 · Dec 6, 2024 · Updated last year
- event shipper for Carbon Black Defense notifications ☆10 · Feb 25, 2023 · Updated 3 years ago
- ADFS Brute-Force Login Script ☆10 · Mar 19, 2024 · Updated 2 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching. ☆219 · May 3, 2023 · Updated 3 years ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLs using Microsoft Teams as an example ☆16 · Apr 7, 2021 · Updated 5 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 · Dec 16, 2021 · Updated 4 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets ☆48 · Aug 4, 2021 · Updated 4 years ago
- A little scanner to check the LDAP Signing state ☆46 · Aug 2, 2021 · Updated 4 years ago
- A PowerShell script that checks for dangerous ACLs on system hives and shadows ☆28 · Jul 21, 2021 · Updated 4 years ago
- dcsync bof ☆52 · Feb 13, 2026 · Updated 2 months ago
- ☆16 · Jun 16, 2021 · Updated 4 years ago
- Collection of things I've written on pentests to make life easier. ☆16 · Mar 14, 2019 · Updated 7 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆43 · Apr 6, 2025 · Updated last year
- Filesystem interaction via firebeam virtual machine execution ☆52 · Mar 26, 2026 · Updated last month
- PIC lsass dumper using cloned handles ☆594 · Oct 18, 2022 · Updated 3 years ago
- One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html ☆416 · Nov 10, 2024 · Updated last year
- PIC code gen and loading ☆13 · Jul 25, 2017 · Updated 8 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process. ☆16 · Nov 23, 2021 · Updated 4 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆17 · Oct 25, 2024 · Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆91 · Dec 15, 2022 · Updated 3 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types ☆419 · Mar 21, 2025 · Updated last year
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) ☆319 · Nov 9, 2021 · Updated 4 years ago
- DAFT: Database Audit Framework & Toolkit ☆184 · Aug 11, 2021 · Updated 4 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work. ☆40 · Jun 25, 2024 · Updated last year
- Ruby On Rails unrestricted render() exploit ☆16 · Feb 9, 2018 · Updated 8 years ago
- A parser to extract information from .nessus file format ☆23 · Mar 26, 2021 · Updated 5 years ago