Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent permission(s)
☆16Apr 8, 2025Updated last year
Alternatives and similar repositories for Invoke-AdminSDHolderPermissionCheck
Users that are interested in Invoke-AdminSDHolderPermissionCheck are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Jun 15, 2025Updated 10 months ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- Yet Another Memory Analyzer for malware detection☆24Aug 4, 2023Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Provides a way to configure user rights assignments in local security policies using PowerShell without using secedit.exe.☆22Feb 14, 2026Updated 2 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Various PowerShell scripts that may be useful during red team exercise☆21Apr 28, 2022Updated 4 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- ☆79Aug 2, 2023Updated 2 years ago
- Tools for Attacking Pleasant Password Server☆23Sep 19, 2023Updated 2 years ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 5 months ago
- Exploiting: CVE-2021-41349☆11Jan 6, 2022Updated 4 years ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Jan 28, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird☆21Apr 18, 2022Updated 4 years ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆397Jan 20, 2026Updated 3 months ago
- A utility that can be used to launch an executable with a DLL injected☆19Nov 20, 2023Updated 2 years ago
- 👋 Ever performed an action in the Microsoft admin portals like Entra or Intune and wished you knew how to script it? Graph X-Ray gives y…☆50Apr 8, 2026Updated 3 weeks ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.��☆32Mar 8, 2025Updated last year
- wsnet☆26Mar 4, 2026Updated 2 months ago
- A script to help stay in control of guest access in Entra ID☆24Sep 4, 2025Updated 8 months ago
- This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.☆76Dec 17, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- This is the latest version of BinHunter paper☆13Apr 13, 2025Updated last year
- Exploit for CVE-2024-5009☆13Jul 8, 2024Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Sep 15, 2023Updated 2 years ago
- Powershell Module to Convert images to Sixel/InlineImage/Kitty☆51Apr 27, 2026Updated last week
- C++ Code to perform a MiniDump of lsass.exe☆36Aug 2, 2023Updated 2 years ago
- Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit☆63Feb 2, 2026Updated 3 months ago
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 5 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆54Jul 15, 2023Updated 2 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Slides from out talk at BH IL 2022☆29Mar 21, 2022Updated 4 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆36Oct 31, 2023Updated 2 years ago
- ☆32Sep 23, 2022Updated 3 years ago
- Toolkit of Projects to attack and evade Event Trace for Windows☆27Aug 28, 2025Updated 8 months ago
- Wrapper for concurrent batch processing of testssl.sh commands☆13Mar 15, 2019Updated 7 years ago
- ☆12Feb 8, 2018Updated 8 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago