Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent permission(s)
☆16 · Apr 8, 2025 · Updated 11 months ago
Alternatives and similar repositories for Invoke-AdminSDHolderPermissionCheck
Users that are interested in Invoke-AdminSDHolderPermissionCheck are comparing it to the libraries listed below.
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH) ☆14 · Nov 1, 2023 · Updated 2 years ago
- Yet Another Memory Analyzer for malware detection ☆24 · Aug 4, 2023 · Updated 2 years ago
- A simple rpc2socks alternative in pure Go. ☆31 · Jul 8, 2024 · Updated last year
- A C# Tool to gather information about email breaches ☆16 · Dec 21, 2023 · Updated 2 years ago
- Provides a way to configure user rights assignments in local security policies using PowerShell without using secedit.exe. ☆22 · Feb 14, 2026 · Updated last month
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found … ☆12 · Apr 21, 2025 · Updated 11 months ago
- Cobalt Strike Beacon Object File (BOF) that obtains SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknown object t… ☆13 · Feb 4, 2024 · Updated 2 years ago
- Various PowerShell scripts that may be useful during a red team exercise ☆21 · Apr 28, 2022 · Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0. ☆17 · Jul 22, 2022 · Updated 3 years ago
- Tools for Attacking Pleasant Password Server ☆23 · Sep 19, 2023 · Updated 2 years ago
- 👋 Ever performed an action in the Microsoft admin portals like Entra or Intune and wished you knew how to script it? Graph X-Ray gives y… ☆36 · Aug 13, 2025 · Updated 7 months ago
- Template Nuclei SSTI ☆34 · Nov 18, 2025 · Updated 4 months ago
- Exploiting: CVE-2021-41349 ☆11 · Jan 6, 2022 · Updated 4 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr… ☆21 · Jan 28, 2024 · Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke. ☆22 · Jan 10, 2022 · Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird ☆22 · Apr 18, 2022 · Updated 3 years ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain. ☆391 · Jan 20, 2026 · Updated 2 months ago
- A utility that can be used to launch an executable with a DLL injected ☆19 · Nov 20, 2023 · Updated 2 years ago
- Retrieve LAPS passwords from a domain. The tool is inspired by pyLAPS. ☆32 · Mar 8, 2025 · Updated last year
- A script to help stay in control of guest access in Entra ID ☆24 · Sep 4, 2025 · Updated 6 months ago
- wsnet ☆26 · Mar 4, 2026 · Updated 3 weeks ago
- This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly. ☆76 · Dec 17, 2024 · Updated last year
- This is the latest version of BinHunter paper ☆13 · Apr 13, 2025 · Updated 11 months ago
- Exploit for CVE-2024-5009 ☆13 · Jul 8, 2024 · Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class ☆27 · Sep 15, 2023 · Updated 2 years ago
- PowerShell Module to Convert images to Sixel/InlineImage/Kitty ☆51 · Mar 16, 2026 · Updated last week
- C++ Code to perform a MiniDump of lsass.exe ☆36 · Aug 2, 2023 · Updated 2 years ago
- Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit ☆63 · Feb 2, 2026 · Updated last month
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 4 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆52 · Jul 15, 2023 · Updated 2 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep. ☆16 · Nov 1, 2023 · Updated 2 years ago
- Slides from our talk at BH IL 2022 ☆29 · Mar 21, 2022 · Updated 4 years ago
- Toolkit of Projects to attack and evade Event Trace for Windows ☆26 · Aug 28, 2025 · Updated 6 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 · Oct 31, 2023 · Updated 2 years ago
- Wrapper for concurrent batch processing of testssl.sh commands ☆13 · Mar 15, 2019 · Updated 7 years ago
- testing123 ☆13 · Nov 23, 2024 · Updated last year