A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
☆107Sep 4, 2025Updated 5 months ago
Alternatives and similar repositories for raw-disk-parser
Users that are interested in raw-disk-parser are comparing it to the libraries listed below
Sorting:
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- SCEP request tool for AD CS and Intune☆73Oct 24, 2025Updated 4 months ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 3 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆167Jul 31, 2025Updated 6 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Fairy Law - Compromise or disable EDR security solutions☆68Dec 1, 2025Updated 2 months ago
- about how to make a anti-virus engine☆106May 22, 2025Updated 9 months ago
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated 3 weeks ago
- ☆43Jul 17, 2025Updated 7 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆264Sep 23, 2025Updated 5 months ago
- A python library to create BloodHound OpenGraphs☆53Feb 4, 2026Updated 3 weeks ago
- DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replicat…☆29Apr 26, 2023Updated 2 years ago
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆108Aug 18, 2025Updated 6 months ago
- Group Policy Objects manipulation and exploitation framework☆291Dec 7, 2025Updated 2 months ago
- A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …☆214Jan 12, 2026Updated last month
- A simple tool to identify WDS servers in Active Directory☆32Aug 25, 2025Updated 6 months ago
- ☆96Aug 3, 2025Updated 6 months ago
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types☆127Aug 23, 2025Updated 6 months ago
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…�☆325Oct 20, 2025Updated 4 months ago
- Dumping App Bound Protected Credentials & Cookies Without Privileges.☆166May 28, 2025Updated 8 months ago
- ☆92May 15, 2024Updated last year
- ☆26Aug 11, 2025Updated 6 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- Test AMSI Provider implementation in C#☆42Dec 18, 2024Updated last year
- PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.☆180Sep 11, 2025Updated 5 months ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Obex – Blocking unwanted DLLs in user mode☆281Sep 18, 2025Updated 5 months ago
- Fast context enumeration for newly obtained Active Directory credentials.☆86Aug 26, 2025Updated 6 months ago
- A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…☆315Feb 8, 2026Updated 2 weeks ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆59Jul 13, 2025Updated 7 months ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates …☆122Jul 19, 2025Updated 7 months ago
- Linux Process Injection via Seccomp Notifier☆83Dec 9, 2025Updated 2 months ago
- GitLab Attack TOolkit☆34Oct 8, 2025Updated 4 months ago
- ☆38Oct 12, 2020Updated 5 years ago
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆121Sep 2, 2025Updated 5 months ago
- This is the tool to dump the LSASS process on modern Windows 11☆557Nov 1, 2025Updated 3 months ago