arth0sz / Practice-AD-CS-Domain-Escalation
Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the white paper Certified Pre-Owned.
☆125Updated last year
Alternatives and similar repositories for Practice-AD-CS-Domain-Escalation:
Users that are interested in Practice-AD-CS-Domain-Escalation are comparing it to the libraries listed below
- A cheatsheet for NetExec☆114Updated 2 months ago
- Lord Of Active Directory - automatic vulnerable active directory on AWS☆141Updated last year
- FindGPPPasswords, A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged…☆137Updated this week
- Continuous password spraying tool☆178Updated last month
- linikatz is a tool to attack AD on UNIX☆145Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆296Updated 4 months ago
- ☆79Updated this week
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆181Updated 7 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆279Updated this week
- Make everyone in your VLAN ASRep roastable☆187Updated last month
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆149Updated 2 months ago
- ☆213Updated 5 months ago
- Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.☆126Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆203Updated 3 months ago
- ☆141Updated 4 months ago
- A script to generate AV evaded(static) DLL shellcode loader with AES encryption.☆102Updated last week
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆170Updated 2 years ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆174Updated last month
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆160Updated 4 months ago
- Azure AD cheatsheet for the CARTP course☆110Updated 2 years ago
- psexecsvc - a python implementation of PSExec's native service implementation☆188Updated last month
- ☆117Updated last week
- Automated exploitation of MSSQL servers at scale☆108Updated this week
- Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler☆98Updated 5 months ago
- Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀☆181Updated last month
- ☆81Updated last month
- Identifies the bytes that Microsoft Defender flags on.☆84Updated 2 years ago
- Attempt at Obfuscated version of SharpCollection☆206Updated this week
- PowerShell Reverse Shell☆61Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆205Updated 3 months ago