Alternatives and similar repositories for SIGRed_RCE_PoC

Users that are interested in SIGRed_RCE_PoC are comparing it to the libraries listed below

• Flangvik / DeployPrinterNightmare

  View on GitHub
  C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
  ☆183Aug 4, 2021Updated 4 years ago
• chompie1337 / SMBGhost_RCE_PoC

  View on GitHub
  ☆1,375Jul 2, 2020Updated 5 years ago
• irsl / CVE-2020-1313

  View on GitHub
  Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
  ☆125Jul 30, 2020Updated 5 years ago
• deepinstinct / LsassSilentProcessExit

  View on GitHub
  Command line interface to dump LSASS memory to disk via SilentProcessExit
  ☆455Dec 23, 2020Updated 5 years ago
• waldo-irc / CVE-2021-21551

  View on GitHub
  Exploit to SYSTEM for CVE-2021-21551
  ☆235May 20, 2021Updated 4 years ago
• yardenshafir / PoolViewer

  View on GitHub
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆149Mar 2, 2023Updated 2 years ago
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation

  View on GitHub
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆258Sep 1, 2022Updated 3 years ago
• connormcgarr / LittleCorporal

  View on GitHub
  LittleCorporal: A C# Automated Maldoc Generator
  ☆229Jul 30, 2021Updated 4 years ago
• xforcered / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆258Dec 2, 2021Updated 4 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• CCob / lsarelayx

  View on GitHub
  NTLM relaying for Windows made easy
  ☆579Apr 25, 2023Updated 2 years ago
• cube0x0 / CVE-2021-1675

  View on GitHub
  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
  ☆1,962Jul 20, 2021Updated 4 years ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,438Dec 18, 2022Updated 3 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• jamf / CVE-2020-0796-RCE-POC

  View on GitHub
  CVE-2020-0796 Remote Code Execution POC
  ☆570Jun 9, 2020Updated 5 years ago
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆269Mar 18, 2021Updated 4 years ago
• 0vercl0k / CVE-2021-28476

  View on GitHub
  PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.
  ☆226Jun 1, 2021Updated 4 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆891Jul 24, 2022Updated 3 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• mdsecactivebreach / Farmer

  View on GitHub
  ☆413Apr 28, 2021Updated 4 years ago
• GhostPack / RestrictedAdmin

  View on GitHub
  Remotely enables Restricted Admin Mode
  ☆215Sep 3, 2021Updated 4 years ago
• 0vercl0k / CVE-2021-31166

  View on GitHub
  Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.
  ☆833Jun 12, 2021Updated 4 years ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆831Dec 2, 2023Updated 2 years ago
• bluefrostsecurity / CVE-2019-1215

  View on GitHub
  ☆152Jan 7, 2020Updated 6 years ago
• bats3c / ADCSPwn

  View on GitHub
  A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…
  ☆863Mar 20, 2023Updated 2 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆986Dec 4, 2022Updated 3 years ago
• LloydLabs / delete-self-poc

  View on GitHub
  A way to delete a locked file, or current running executable, on disk.
  ☆616Nov 5, 2025Updated 3 months ago
• itm4n / Perfusion

  View on GitHub
  Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
  ☆426Apr 22, 2021Updated 4 years ago
• boku7 / HOLLOW

  View on GitHub
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆292Mar 8, 2023Updated 2 years ago
• Kevin-Robertson / Sharpmad

  View on GitHub
  C# version of Powermad
  ☆170Dec 5, 2023Updated 2 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• Mr-Un1k0d3r / RedTeamCCode

  View on GitHub
  Red Team C code repo
  ☆569Dec 16, 2024Updated last year
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆218Feb 20, 2023Updated 2 years ago
• dirkjanm / CVE-2020-1472

  View on GitHub
  PoC for Zerologon - all research credits go to Tom Tervoort of Secura
  ☆1,277Nov 3, 2020Updated 5 years ago
• pkb1s / SharpRelay

  View on GitHub
  ☆180Feb 3, 2021Updated 5 years ago
• Mr-Un1k0d3r / ADHuntTool

  View on GitHub
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆232Jun 10, 2022Updated 3 years ago
• chompie1337 / Linux_LPE_eBPF_CVE-2021-3490

  View on GitHub
  ☆312Jul 10, 2023Updated 2 years ago
• hausec / ProxyLogon

  View on GitHub
  ☆298Jul 2, 2024Updated last year