Use the RPC service to batch-probe Windows hosts on an internal network for outbound Internet access
☆14 Jun 24, 2022 Updated 3 years ago
Alternatives and similar repositories for WinRpcTest
Users that are interested in WinRpcTest are comparing it to the libraries listed below
- A wrapper of the ldap_shell.py module in ntlmrelayx ☆62 Sep 22, 2022 Updated 3 years ago
- More EFS coerced authentication methods with PetitPotam.py ☆28 Mar 21, 2023 Updated 2 years ago
- Breaking fastjson with forward shell ☆22 Sep 1, 2022 Updated 3 years ago
- ☆11 Nov 17, 2025 Updated 4 months ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke… ☆19 Mar 11, 2023 Updated 3 years ago
- ☆15 Aug 1, 2023 Updated 2 years ago
- Shellcode antivirus evasion framework ☆27 Jan 16, 2021 Updated 5 years ago
- CrackMapExec extension module/protocol support ☆43 Sep 12, 2023 Updated 2 years ago
- WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user. ☆13 Oct 24, 2022 Updated 3 years ago
- gosocks is a golang based implementation of a socks5 server which supports custom handlers ☆12 Mar 10, 2026 Updated last week
- Use aswArPot.sys to kill a process ☆69 Aug 26, 2022 Updated 3 years ago
- A new approach to local privilege escalation that replaces PrintBug, mainly using interface functions of the MS-EFSR protocol. Borrowing from PetitPotam's use of the EFSR protocol, it implements a series of local privilege escalation methods. Drawing on the use of the EFSR protocol in PetitPotam, … ☆149 Mar 13, 2022 Updated 4 years ago
- ThinkPHP 3.2.X POC Report By 风起 ☆12 Apr 24, 2023 Updated 2 years ago
- A heavily modified shadowsocks that implements SOCKS5 intranet tunneling. ☆63 Nov 28, 2025 Updated 3 months ago
- A .NET implementation to dump SAM / SECURITY / SYSTEM registry hives ☆56 Sep 25, 2020 Updated 5 years ago
- The NBTscan mod for Windows without dependency on cygwin ☆53 Sep 12, 2020 Updated 5 years ago
- Modified version of impacket wmiexec.py; gets output (data, response) from the registry, doesn't need an SMB connection, also bypassing antivirus-softw… ☆277 Apr 4, 2023 Updated 2 years ago
- Stop Windows Defender programmatically ☆15 Jan 17, 2022 Updated 4 years ago
- MSSQL exploitation tool ☆276 Aug 7, 2023 Updated 2 years ago
- Export Coremail contacts ☆18 Apr 19, 2023 Updated 2 years ago
- Some PoC scripts I wrote myself ☆13 Feb 23, 2024 Updated 2 years ago
- Command execution without port 445 ☆57 Feb 25, 2022 Updated 4 years ago
- A little scanner to check the LDAP Signing state ☆46 Aug 2, 2021 Updated 4 years ago
- Some traffic-encryption webshells and encoders for AntSword. ☆75 Dec 5, 2020 Updated 5 years ago
- Exploits for several common Tongda vulnerabilities, written in Python ☆38 Aug 26, 2021 Updated 4 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) ☆11 Apr 15, 2022 Updated 3 years ago
- ☆12 Nov 16, 2023 Updated 2 years ago
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation ☆12 Oct 27, 2020 Updated 5 years ago
- NetBIOS scanning tool written in C# ☆70 Aug 6, 2021 Updated 4 years ago
- This program loads and shows the resources of binary files such as EXE and DLL ☆16 Jul 6, 2020 Updated 5 years ago
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain. ☆18 Apr 30, 2021 Updated 4 years ago
- Domain information gathering tool ☆11 Jun 5, 2023 Updated 2 years ago
- A collection of Cobalt Strike Malleable C2 profiles ☆36 Oct 13, 2020 Updated 5 years ago
- A place to keep some .NET in-memory webshells written in spare time; for practice only, modify as needed ☆90 May 3, 2022 Updated 3 years ago
- An lsass dump tool using the MiniDumpWriteDump & syscall (NtOpenProcess) technique. Only tested on Windows 11 with Defender enabled :-) ☆17 Oct 11, 2023 Updated 2 years ago
- Red team incident response tool (supports Kylin OS) ☆54 Aug 13, 2025 Updated 7 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB ☆24 Jun 27, 2025 Updated 8 months ago
- Zerologon exploit with restore DC password automatically ☆146 Mar 15, 2024 Updated 2 years ago
- Intranet tunneling tool implemented via a webshell ☆49 Nov 19, 2019 Updated 6 years ago