daem0nc0re / Abusing_Weak_ACL_on_Certificate_TemplatesLinks
Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
☆128Updated 3 years ago
Alternatives and similar repositories for Abusing_Weak_ACL_on_Certificate_Templates
Users that are interested in Abusing_Weak_ACL_on_Certificate_Templates are comparing it to the libraries listed below
Sorting:
- Determine if the WebClient Service (WebDAV) is running on a remote system☆140Updated last year
- Beacon Object File & C# project to check LDAP signing☆195Updated last year
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆129Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆136Updated last year
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆177Updated 3 years ago
- ☆142Updated 3 years ago
- ☆90Updated 4 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145Updated last year
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆158Updated last year
- GolenGMSA tool for working with GMSA passwords☆162Updated last month
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- ☆89Updated 3 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆93Updated 2 years ago
- ☆250Updated 2 years ago
- Lateral Movement☆124Updated last year
- ☆119Updated 6 months ago
- UI for creating LNKs☆105Updated 4 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258Updated 2 years ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆53Updated last year
- ☆155Updated 7 months ago
- Get Fine Grained Password Policy☆74Updated 5 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆101Updated 2 years ago
- OPSEC safe Kerberoasting in C#☆192Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆109Updated 2 years ago
- DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replicat…☆28Updated 2 years ago
- ADCS cert template modification and ACL enumeration☆142Updated 2 years ago
- Simple BOF to read the protection level of a process☆119Updated 2 years ago
- ☆83Updated last year
- Some scripts to support with importing large datasets into BloodHound☆79Updated last year