byinarie / teams_dumpView external linksLinks
PoC for dumping and decrypting cookies in the latest version of Microsoft Teams
☆132Nov 12, 2023Updated 2 years ago
Alternatives and similar repositories for teams_dump
Users that are interested in teams_dump are comparing it to the libraries listed below
Sorting:
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆224Nov 23, 2023Updated 2 years ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Aug 29, 2024Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆465Aug 23, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆402Sep 14, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆481Mar 30, 2025Updated 10 months ago
- ☆61Dec 15, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆772Jan 26, 2026Updated 2 weeks ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Apr 15, 2024Updated last year
- A GUI wrapper inside of Havoc to interact with bloodhound CE☆70Feb 3, 2024Updated 2 years ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Quicky serve files over http or https using flask.☆35Jan 26, 2025Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆698May 7, 2025Updated 9 months ago
- ☆131Dec 4, 2023Updated 2 years ago
- Scan strings or files for malware using the Windows Antimalware Scan Interface☆30Mar 24, 2023Updated 2 years ago
- Decrypt Veeam database passwords☆222Dec 8, 2025Updated 2 months ago
- ☆93Aug 23, 2021Updated 4 years ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 4 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆150May 3, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆432Dec 21, 2023Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆522Nov 18, 2025Updated 2 months ago
- SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…☆75May 3, 2024Updated last year
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆67Jan 20, 2024Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆319Aug 31, 2023Updated 2 years ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆212Oct 19, 2024Updated last year
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…☆26Feb 29, 2024Updated last year
- ☆259Jan 21, 2024Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- A lexer and parser for Sleep☆20May 14, 2025Updated 9 months ago
- This repository implements Threadless Injection in C☆172Dec 23, 2023Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆358Dec 13, 2025Updated 2 months ago
- DPAPI looting remotely and locally in Python☆540Oct 7, 2025Updated 4 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆534May 9, 2025Updated 9 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆144Feb 1, 2026Updated 2 weeks ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆563Jan 20, 2026Updated 3 weeks ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- A C# port from Invoke-GhostTask☆119Jan 5, 2024Updated 2 years ago
- Abuse leaked token handles.☆134Dec 14, 2023Updated 2 years ago