PoC for CVE-2021-36934, which allows a standard user to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer
☆35 · Sep 24, 2022 · Updated 3 years ago
Alternatives and similar repositories for Invoke-HiveNightmare
Users that are interested in Invoke-HiveNightmare are comparing it to the libraries listed below
- BOF to terminate a process via PID as argument ☆28 · Sep 7, 2025 · Updated 5 months ago
- Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato ☆12 · Feb 8, 2020 · Updated 6 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName. ☆16 · Jun 16, 2022 · Updated 3 years ago
- Beacon Object File implementation of Yaxser's Backstab ☆15 · Mar 9, 2022 · Updated 3 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365 ☆153 · Feb 10, 2023 · Updated 3 years ago
- PoC: process watcher patterns to make killing a process hard. ☆11 · Aug 1, 2018 · Updated 7 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆16 · Oct 25, 2024 · Updated last year
- dcsync bof ☆44 · Feb 13, 2026 · Updated 2 weeks ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine. ☆132 · Oct 1, 2023 · Updated 2 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆43 · Apr 6, 2025 · Updated 10 months ago
- Ruby On Rails unrestricted render() exploit ☆16 · Feb 9, 2018 · Updated 8 years ago
- Docker container escape enumeration tool. ☆12 · Jan 23, 2021 · Updated 5 years ago
- Halos Gate-based NTAPI Unhooker ☆52 · Apr 21, 2022 · Updated 3 years ago
- A PowerShell script that performs reflective parent process ID (PPID) spoofing and process hollowing to evade Windows Defender ☆11 · Feb 17, 2023 · Updated 3 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump ☆24 · Jul 6, 2023 · Updated 2 years ago
- A BOF for enumerating version information for DLLs associated with a Beacon process. ☆16 · Nov 23, 2021 · Updated 4 years ago
- Misery Loader to bypass modern EDR solutions ☆18 · Dec 20, 2024 · Updated last year
- A little scanner to check the LDAP Signing state ☆46 · Aug 2, 2021 · Updated 4 years ago
- Print the strings of encoded printable characters in files ☆12 · Jul 19, 2015 · Updated 10 years ago
- ☆36 · Dec 4, 2025 · Updated 3 months ago
- Python3 tool to perform password spraying using RDP ☆16 · Aug 14, 2023 · Updated 2 years ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLs using Microsoft Teams as an example ☆16 · Apr 7, 2021 · Updated 4 years ago
- Library of BOFs to interact with SQL servers ☆16 · Dec 6, 2024 · Updated last year
- PIC code gen and loading ☆13 · Jul 25, 2017 · Updated 8 years ago
- ☆22 · Jun 21, 2022 · Updated 3 years ago
- Ansible role to deploy RedELK server ☆19 · Sep 11, 2023 · Updated 2 years ago
- Windows privilege escalation BadPotato ☆14 · Jun 12, 2021 · Updated 4 years ago
- Impersonate Tokens using only NTAPI functions ☆84 · Apr 4, 2025 · Updated 11 months ago
- Get or remove RunMRU values ☆61 · Dec 11, 2019 · Updated 6 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD ☆49 · Mar 10, 2025 · Updated 11 months ago
- MS15-076 Privilege Escalation ☆16 · Aug 11, 2015 · Updated 10 years ago
- Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format ☆33 · Oct 22, 2024 · Updated last year
- PIC lsass dumper using cloned handles ☆594 · Oct 18, 2022 · Updated 3 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types ☆412 · Mar 21, 2025 · Updated 11 months ago
- Dump LSASS by spoofing command line arguments to procdump. ☆20 · Oct 21, 2024 · Updated last year
- ☆26 · Sep 29, 2018 · Updated 7 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching. ☆220 · May 3, 2023 · Updated 2 years ago
- One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html ☆415 · Nov 10, 2024 · Updated last year
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets ☆48 · Aug 4, 2021 · Updated 4 years ago