ZephrFish/ADFSDump-PS external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ZephrFish/ADFSDump-PS

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ZephrFish/ADFSDump-PS)

Close

ZephrFish / ADFSDump-PSView on GitHubMore

• External links
• Readme badge

PowerShell Implementation of ADFSDump to assist with GoldenSAML

☆39Dec 7, 2025Updated 2 months ago

Alternatives and similar repositories for ADFSDump-PS

Users that are interested in ADFSDump-PS are comparing it to the libraries listed below

• truerustyy / wcreddump

  View on GitHub
  Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…
  ☆80Nov 18, 2024Updated last year
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆169Jun 17, 2024Updated last year
• oldboy21 / SWAPPALA

  View on GitHub
  In-memory hiding technique
  ☆63Jan 5, 2025Updated last year
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• horizon3ai / CVE-2023-28324

  View on GitHub
  Ivanti EPM AgentPortal RCE Vulnerability
  ☆20Sep 16, 2024Updated last year
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆250Jun 11, 2024Updated last year
• SecTheBit / ZoomBotC2

  View on GitHub
  ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants …
  ☆56Jun 30, 2025Updated 8 months ago
• NtDallas / BOF_Spawn

  View on GitHub
  Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames
  ☆152Nov 23, 2025Updated 3 months ago
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 8 months ago
• NtDallas / Svartalfheim

  View on GitHub
  Stage 0
  ☆169Dec 18, 2024Updated last year
• Diverto / IPPrintC2

  View on GitHub
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆150May 3, 2024Updated last year
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆637May 8, 2025Updated 9 months ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆137Apr 18, 2025Updated 10 months ago
• JC175 / CVE-2022-32119

  View on GitHub
  CVE-2022-32119 - Arox-Unrestricted-File-Upload
  ☆17Dec 20, 2023Updated 2 years ago
• rasta-mouse / SpawnWith

  View on GitHub
  ☆109Feb 17, 2025Updated last year
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆265Apr 19, 2024Updated last year
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆225Nov 23, 2023Updated 2 years ago
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated 10 months ago
• mbadanoiu / CVE-2025-20029

  View on GitHub
  CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP
  ☆22Feb 23, 2025Updated last year
• blackarrowsec / Handly

  View on GitHub
  Abuse leaked token handles.
  ☆136Dec 14, 2023Updated 2 years ago
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆237Nov 7, 2024Updated last year
• inb1ts / birdnet-poc

  View on GitHub
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆41Jul 9, 2023Updated 2 years ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆152Oct 2, 2023Updated 2 years ago
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆215Oct 19, 2024Updated last year
• rasta-mouse / process-inject-kit

  View on GitHub
  Port of Cobalt Strike's Process Inject Kit
  ☆191Dec 1, 2024Updated last year
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆172Sep 3, 2025Updated 6 months ago
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• netwrix / server-untrust-account

  View on GitHub
  A technique for Active Directory domain persistence
  ☆39May 31, 2023Updated 2 years ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• MrAle98 / psinline

  View on GitHub
  in-process powershell runner for BRC4
  ☆48Oct 31, 2023Updated 2 years ago
• maliciousgroup / RDI-SRDI

  View on GitHub
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆87Apr 11, 2023Updated 2 years ago
• cpu0x00 / Ghost

  View on GitHub
  Evasive shellcode loader
  ☆401Oct 17, 2024Updated last year
• lem0nSec / KBlast

  View on GitHub
  Basic interactive Windows kernel offensive toolkit written in C
  ☆137Sep 20, 2025Updated 5 months ago
• bigb0x / CVE-2024-31982

  View on GitHub
  POC for CVE-2024-31982: XWiki Platform Remote Code Execution > 14.10.20
  ☆10Jun 22, 2024Updated last year
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆345Nov 19, 2024Updated last year
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆541Feb 13, 2024Updated 2 years ago
• absholi7ly / Bypass-authentication-GitHub-Enterprise-Server

  View on GitHub
  The authentication bypass vulnerability in GitHub Enterprise Server (GHES) allows an unauthorized attacker to access an instance of GHES …
  ☆50May 21, 2024Updated last year
• draktuls / IAF-EAF-Shellcode-bypass-PoC

  View on GitHub
  Shellcode capable of bypassing EAF / IAF mitigations
  ☆28Apr 11, 2023Updated 2 years ago