crisprss / magicNetdefs
Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged processes to access malicious pipes for exploitation
☆49Updated 2 years ago
Alternatives and similar repositories for magicNetdefs:
Users that are interested in magicNetdefs are comparing it to the libraries listed below
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆31Updated 2 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆60Updated 3 years ago
- ☆46Updated 2 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆50Updated 2 years ago
- ☆24Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆53Updated last year
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆26Updated 4 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- ☆29Updated 2 years ago
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆37Updated last year
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆25Updated 6 months ago
- ☆30Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Updated 3 years ago
- .NET project for installing Persistence☆64Updated 3 years ago
- ☆36Updated 2 years ago
- Windows Persistence Toolkit in C#☆36Updated 2 years ago
- Laz-y project compatible C# templates for shellcode injection.☆20Updated 2 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆52Updated 3 years ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 2 years ago
- A VSCode plugin to assist with BOF development.☆33Updated 6 months ago
- A little scanner to check the LDAP Signing state☆46Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- A care package of useful bofs for red team engagments☆54Updated 2 months ago
- Secretsdump C# version only supporting local (live) operation☆48Updated last year
- LSASS enumeration like pypykatz written in C-Lang☆20Updated 3 years ago
- ☆23Updated 2 years ago
- IOXIDResolver from AirBus Security/PingCastle☆46Updated 4 years ago