bb00 / zer0dump
Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.
☆176Updated 2 years ago
Alternatives and similar repositories for zer0dump:
Users that are interested in zer0dump are comparing it to the libraries listed below
- This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.☆200Updated 4 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆325Updated 5 years ago
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆166Updated 2 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆255Updated 3 years ago
- Automating juicy potato local privilege escalation exploit for penetration testers☆142Updated 3 years ago
- ☆293Updated 9 months ago
- Parse NTLM challenge messages over HTTP and SMB☆144Updated 2 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆231Updated 2 years ago
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆62Updated 6 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆248Updated 4 years ago
- Executes position independent shellcode from an encrypted zip☆303Updated 4 years ago
- lateral movement techniques that can be used during red team exercises☆270Updated 5 years ago
- A tool to create obfuscated HTA script.☆176Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆146Updated 4 years ago
- Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)☆137Updated 5 years ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆216Updated 4 years ago
- Office 365 and Exchange Enumeration☆186Updated 5 years ago
- Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.☆202Updated 6 years ago
- ☆162Updated 2 years ago
- Exploit to SYSTEM for CVE-2021-21551☆237Updated 3 years ago
- Create a minidump of the LSASS process from memory☆260Updated 2 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆311Updated last year
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆478Updated 2 years ago
- Run Rubeus via Rundll32☆200Updated 4 years ago
- A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system☆201Updated last year
- Evading WinDefender ATP credential-theft☆254Updated 5 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆355Updated 4 years ago
- Dll that can be used for side loading and other attack vector.☆201Updated 4 years ago
- Use CVE-2020-0668 to perform an arbitrary privileged file move operation.☆216Updated 5 years ago
- poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)☆174Updated 4 years ago