WiredPulse / Invoke-HiveNightmare
PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer
☆34Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Invoke-HiveNightmare
- Federated Office365 user enumeration based on correlated response trend analysis☆47Updated 2 years ago
- Tradecraft Development Fundamentals☆40Updated 3 years ago
- terraform deployment for red team☆21Updated last year
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- A module for CME that spiders across a domain.☆35Updated 2 years ago
- ☆68Updated last year
- (kinda) Malicious Outlook Reader☆17Updated 3 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆47Updated 4 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆65Updated 4 months ago
- ☆51Updated 3 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆35Updated 3 years ago
- ☆47Updated 4 years ago
- Convert an LDIF file to JSON files ingestible by BloodHound☆38Updated last month
- A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts☆17Updated 6 months ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Updated 3 years ago
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke)☆22Updated 2 years ago
- ☆41Updated 2 years ago
- A collection of Neo4j/BloodHound queries to collect interesting information.☆45Updated 2 years ago
- Python3 tool to perform password spraying against Microsoft Online service using various methods☆84Updated last year
- Find Inbound Email Domains☆21Updated 10 months ago
- ☆35Updated 3 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆52Updated 4 years ago
- Dump LSASS process in Task Manager without triggering Defender.☆18Updated last year
- ☆30Updated 4 years ago