crisprss / PetitPotam
替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, a series of local rights escalation methods have been realized
☆148Updated 3 years ago
Alternatives and similar repositories for PetitPotam:
Users that are interested in PetitPotam are comparing it to the libraries listed below
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆107Updated 4 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆194Updated 10 months ago
- ☆3Updated 2 years ago
- PrintSpoofer的反射dll实现,结合Cobalt Strike使用☆88Updated 3 years ago
- CVE-2020-1472 C++☆82Updated 2 years ago
- 利用 NTLMSSP 探测 Windows 信息☆167Updated 2 years ago
- hyscan HengGe Team☆68Updated 3 years ago
- CrossC2通信协议API实现☆84Updated 3 years ago
- ☆100Updated 2 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Updated 3 years ago
- 调用x64dbg中的loadll.exe白加黑示例代码☆61Updated 10 months ago
- Zerologon自动化脚本☆88Updated last year
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆88Updated 3 years ago
- Zerologon exploit with restore DC password automatically☆133Updated last year
- 用来存放平时写的一些net内存马,仅用于练手,需要可以自行修改☆87Updated 3 years ago
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆87Updated last year
- ☆90Updated 2 years ago
- If you only have hash, you can still operate exchange☆72Updated 3 years ago
- 窃取当前用户的ssh,sudo密码☆69Updated 2 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆129Updated 2 years ago
- 蚁剑AES加密通信ASPX Webshell☆31Updated 3 years ago
- 根据攻防以及域信息收集经验dump快而有用的域信息☆104Updated last year
- 密码收集☆58Updated 3 years ago
- CVE-2020-0787的简单回显☆32Updated 3 years ago
- C++枚举磁盘列表、遍历指定盘搜索特定类型文件/微信导出密钥,文件回传等功能☆153Updated 2 years ago
- 域内普通域用户权限查找域内所有计算机上登录的用户☆150Updated 2 years ago
- ☆49Updated 3 years ago
- 创建服务持久化☆105Updated 4 years ago
- ☆49Updated last year
- 批量检查远程桌面密码或ntlm是否正确☆41Updated 4 years ago