crisprss / RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
☆370Updated 2 years ago
Alternatives and similar repositories for RasmanPotato:
Users that are interested in RasmanPotato are comparing it to the libraries listed below
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆354Updated 2 years ago
- Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-softw…☆278Updated last year
- Dumping LSASS with a duplicated handle from custom LSA plugin☆199Updated 3 years ago
- C2 redirector base on caddy☆201Updated 9 months ago
- Fileless atexec, no more need for port 445☆360Updated 11 months ago
- A Windows potato to privesc☆353Updated 6 months ago
- PrintNotifyPotato☆513Updated 2 years ago
- ☆228Updated 4 months ago
- PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers☆91Updated 2 years ago
- CobaltStrike 4.0 - 4.5 Patch☆174Updated 2 years ago
- 免杀学习笔记☆221Updated last year
- Take a screenshot without injection for Cobalt Strike☆183Updated last year
- RCE exploit for CVE-2023-3519☆221Updated last year
- A Tool that aims to evade av with binary padding☆147Updated 8 months ago
- Credential Guard Bypass Via Patching Wdigest Memory☆314Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆371Updated last year
- ☆237Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆237Updated 9 months ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆404Updated last year
- ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)☆179Updated 3 years ago
- not a reverse-engineered version of the Cobalt Strike Beacon☆352Updated 11 months ago
- NTLM relay test.☆187Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆299Updated 2 years ago
- PE to shellcode☆179Updated 2 months ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆128Updated 2 years ago
- Use python to perform Kerberos pre-auth bruteforcing☆195Updated last year
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆311Updated 6 months ago
- ☆322Updated last month
- Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute…☆154Updated last year
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆88Updated last year