Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
☆400Feb 6, 2023Updated 3 years ago
Alternatives and similar repositories for RasmanPotato
Users that are interested in RasmanPotato are comparing it to the libraries listed below
Sorting:
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- PrintNotifyPotato☆539Dec 2, 2022Updated 3 years ago
- ☆706Nov 7, 2023Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆508Aug 10, 2023Updated 2 years ago
- Windows Token Stealing Expert☆486Nov 24, 2023Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- Local privilege escalation from SeImpersonatePrivilege using EfsRpc.☆337Oct 17, 2022Updated 3 years ago
- New generation of wmiexec.py☆1,264Jan 5, 2026Updated 2 months ago
- A Windows potato to privesc☆391Aug 26, 2024Updated last year
- HVNC for Cobalt Strike☆1,301Dec 7, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,401Nov 22, 2023Updated 2 years ago
- Credential Guard Bypass Via Patching Wdigest Memory☆335Feb 3, 2023Updated 3 years ago
- 一款OutLook信息收集工具☆244May 23, 2023Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆817Dec 14, 2023Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- ☆162Mar 27, 2023Updated 2 years ago
- Local privilege escalation via PetitPotam (Abusing impersonate privileges).☆455Mar 30, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago
- Another Windows Local Privilege Escalation from Service Account to System☆939Nov 12, 2022Updated 3 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆473Jul 6, 2024Updated last year
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- The swiss army knife of LSASS dumping☆2,071Sep 17, 2024Updated last year
- ☆2,202Nov 24, 2023Updated 2 years ago
- ☆564Feb 22, 2024Updated 2 years ago
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Loading Remote AES Encrypted PE in memory , Decrypted it and run it☆1,021Aug 29, 2023Updated 2 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆462Sep 24, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆1,042Jun 20, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- Mssql利用工具☆276Aug 7, 2023Updated 2 years ago
- Remote operations commands implemented using Beacon Object Files☆1,120Feb 23, 2026Updated last week
- 关于RPC一些绕EDR的tips☆198Mar 3, 2023Updated 3 years ago
- Exchange 服务器安全性的辅助测试工具☆331Jul 21, 2023Updated 2 years ago