Local privilege escalation, or remote code execution, through Splunk Universal Forwarder (UF) misconfigurations
☆255Sep 30, 2022Updated 3 years ago
Alternatives and similar repositories for SplunkWhisperer2
Users that are interested in SplunkWhisperer2 are comparing it to the libraries listed below
Sorting:
- Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)☆385Dec 13, 2020Updated 5 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆614Aug 15, 2025Updated 6 months ago
- ☆33Feb 27, 2018Updated 8 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆608Aug 5, 2022Updated 3 years ago
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆169Jun 16, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Kerberos relaying and unconstrained delegation abuse toolkit☆1,537Jan 27, 2025Updated last year
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- PowerShell MachineAccountQuota and DNS exploit tools☆1,438Jan 11, 2023Updated 3 years ago
- Another Windows Local Privilege Escalation from Service Account to System☆1,155Jan 9, 2021Updated 5 years ago
- CSHARP DCOM Fun☆138Sep 16, 2019Updated 6 years ago
- Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities☆1,659Nov 28, 2020Updated 5 years ago
- Dumping LAPS from Python☆282Dec 7, 2022Updated 3 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆373Oct 30, 2020Updated 5 years ago
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,303Dec 15, 2020Updated 5 years ago
- ☆257Feb 17, 2023Updated 3 years ago
- Weaponizing Splunk with reverse and bind shells.☆182Apr 7, 2017Updated 8 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- Python script to enumerate users, groups and computers from a Windows domain through LDAP queries☆949Apr 20, 2022Updated 3 years ago
- PoC of a VBA macro spawning a process with a spoofed parent and command line.☆381Apr 28, 2020Updated 5 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019☆1,811Sep 4, 2024Updated last year
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Abusing impersonation privileges through the "Printer Bug"☆2,191Sep 10, 2020Updated 5 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆66Oct 3, 2020Updated 5 years ago
- "Golden" certificates☆710Aug 17, 2024Updated last year
- ☆408Feb 10, 2026Updated 3 weeks ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆52Oct 6, 2020Updated 5 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆1,090May 29, 2024Updated last year
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,967Jul 20, 2021Updated 4 years ago
- Silencing Sysmon via driver unload☆235Oct 13, 2022Updated 3 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- ADCS abuser☆315Feb 6, 2023Updated 3 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆2,737Dec 18, 2021Updated 4 years ago