api0cradle / CVE-2023-23397-POC-Powershell

Related projects ⓘ

Alternatives and complementary repositories for CVE-2023-23397-POC-Powershell

• mpgn / BackupOperatorToDA
  From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
  ☆398Updated 2 years ago
• bugch3ck / SharpEfsPotato
  Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
  ☆304Updated 2 years ago
• nettitude / SharpWSUS
  ☆441Updated last year
• Dec0ne / DavRelayUp
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆521Updated last year
• CsEnox / EventViewer-UACBypass
  🍊 Orange Tsai EventViewer RCE
  ☆169Updated 2 years ago
• zblurx / certsync
  Dump NTDS with golden certificates and UnPAC the hash
  ☆623Updated 7 months ago
• Cobalt-Strike / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆193Updated last month
• N7WEra / BofAllTheThings
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆420Updated last year
• Hackndo / WebclientServiceScanner
  Python tool to Check running WebClient services on multiple targets based on @leechristensen
  ☆252Updated 3 years ago
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆400Updated 2 years ago
• ShutdownRepo / targetedKerberoast
  Kerberoast with ACL abuse capabilities
  ☆327Updated 2 weeks ago
• wh0amitz / S4UTomato
  Escalate Service Account To LocalSystem via Kerberos
  ☆389Updated last year
• trustedsec / orpheus
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆366Updated last year
• testanull / ProxyNotShell-PoC
  ☆401Updated last year
• Helixo32 / NimBlackout
  Kill AV/EDR leveraging BYOVD attack
  ☆307Updated last year
• fortalice / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆297Updated 8 months ago
• wsummerhill / C2_RedTeam_CheatSheets
  Useful C2 techniques and cheatsheets learned from engagements
  ☆425Updated 3 weeks ago
• deepinstinct / Lsass-Shtinkering
  ☆377Updated last year
• ShutdownRepo / ShadowCoerce
  MS-FSRVP coercion abuse PoC
  ☆271Updated 2 years ago
• Octoberfest7 / MemFiles
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆426Updated 4 months ago
• ly4k / Pachine
  Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
  ☆270Updated 2 years ago
• PShlyundin / ldap_shell
  AD ACL abuse
  ☆257Updated 3 months ago
• cepxeo / dll4shell
  Shellcode launcher for AV bypass
  ☆214Updated 10 months ago
• icyguider / MoreImpacketExamples
  More examples using the Impacket library designed for learning purposes.
  ☆262Updated 2 years ago
• synacktiv / GPOddity
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆262Updated this week
• wh0amitz / SharpADWS
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆455Updated 7 months ago
• mertdas / PrivKit
  PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
  ☆364Updated 4 months ago
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆327Updated last year
• REDMED-X / OperatorsKit
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆531Updated 3 months ago
• nickvourd / COM-Hunter
  COM Hijacking VOODOO
  ☆257Updated 8 months ago