YossiSassi / Invoke-AdminSDHolderPermissionCheckLinks
Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent permission(s)
☆15Updated last month
Alternatives and similar repositories for Invoke-AdminSDHolderPermissionCheck
Users that are interested in Invoke-AdminSDHolderPermissionCheck are comparing it to the libraries listed below
Sorting:
- ☆19Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆40Updated last year
- Validates priv escalation of AD trusts☆39Updated 2 months ago
- ☆22Updated last year
- Proof of Concept Exploit for CVE-2024-9465☆29Updated 7 months ago
- ☆48Updated 2 years ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆30Updated 2 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆57Updated this week
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 10 months ago
- ShootCutMe an .LNK file creator tool for redteamer☆13Updated 8 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- Tools for Attacking Pleasant Password Server☆22Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- ☆25Updated 3 years ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆32Updated last month
- ☆52Updated last year
- A vSphere deployment of GOADv2 BETA Testing (v0.1)☆26Updated last year
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response☆18Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆32Updated last year
- Cobalt Strike BOFS☆16Updated last year
- All my POC related to malware development☆11Updated last year
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- SAM Dumping in C#☆48Updated 4 months ago
- ☆30Updated 2 years ago
- Tomcat backdoor based on CS blog☆27Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year