A wrapper of ldap_shell.py module which in ntlmrelayx
☆62Sep 22, 2022Updated 3 years ago
Alternatives and similar repositories for LDAPShell
Users that are interested in LDAPShell are comparing it to the libraries listed below
Sorting:
- CrackMapExec extension module/protocol support☆43Sep 12, 2023Updated 2 years ago
- 利用RPC服务,内网批量探测Windows出网☆14Jun 24, 2022Updated 3 years ago
- ☆15Aug 1, 2023Updated 2 years ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…☆19Mar 11, 2023Updated 3 years ago
- Zerologon exploit with restore DC password automatically☆146Mar 15, 2024Updated 2 years ago
- CVE-2021-42287/CVE-2021-42278 exploits in powershell☆38Apr 4, 2022Updated 3 years ago
- More EFS coerced authentication method with PetitPotam.py☆28Mar 21, 2023Updated 2 years ago
- impacket编程手册☆104Oct 13, 2023Updated 2 years ago
- If you only have hash, you can still operate exchange☆78Oct 21, 2021Updated 4 years ago
- Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-softw…☆277Apr 4, 2023Updated 2 years ago
- C2 redirector base on caddy☆213May 28, 2024Updated last year
- .Net 反序列化漏洞学习☆15Aug 29, 2020Updated 5 years ago
- ad vulnerability scanner☆74Dec 21, 2023Updated 2 years ago
- ☆12Oct 9, 2020Updated 5 years ago
- 通过gzip一边压缩一边使用tcp上传文件夹。☆17Nov 12, 2022Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Jun 22, 2022Updated 3 years ago
- A tool written in golang which compress using UPX and patch it with the provided PE file to make "UPX -d" flag impossible to decompress a…☆31Jan 2, 2025Updated last year
- 强制认证扫描与利用☆12Jul 21, 2023Updated 2 years ago
- RPC远程主机信息匿名扫描工具☆319Sep 30, 2022Updated 3 years ago
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆195Jun 18, 2024Updated last year
- Memshell☆294Dec 7, 2021Updated 4 years ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- mssqlproxy python3.5+ 并修复bug☆65Mar 15, 2023Updated 3 years ago
- PrintNotifyPotato☆539Dec 2, 2022Updated 3 years ago
- NTLM relay test.☆195Jun 26, 2025Updated 8 months ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆197Feb 1, 2021Updated 5 years ago
- PrintSpoofer的反射dll实现,结合Cobalt Strike使用☆87Oct 7, 2021Updated 4 years ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- 提取域控日志,支持远程提取☆171Mar 17, 2025Updated last year
- command execute without 445 port☆57Feb 25, 2022Updated 4 years ago
- Python3 script to quickly get various information from a domain controller through his LDAP service.☆14Jan 4, 2022Updated 4 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆135Nov 30, 2022Updated 3 years ago
- Kubernetes has its “ADCS” -- How To Backdoor a Kubernetes in silence and more persistent?☆41Nov 16, 2025Updated 4 months ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆440Jan 4, 2025Updated last year
- A .NET implementation to dump SAM / SECURITY / SYSTEM registry hives☆56Sep 25, 2020Updated 5 years ago
- c# implementation of Active Directory Integrated DNS dumping (authenticated user)☆206May 25, 2021Updated 4 years ago
- ☆49May 8, 2023Updated 2 years ago
- Yet another SharpSphere☆227Aug 1, 2021Updated 4 years ago