decoder-it / KrbRelayEx
☆311Updated 3 weeks ago
Alternatives and similar repositories for KrbRelayEx:
Users that are interested in KrbRelayEx are comparing it to the libraries listed below
- Python implementation of GhostPack's Seatbelt situational awareness tool☆257Updated 5 months ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆147Updated 10 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆579Updated 9 months ago
- Continuous password spraying tool☆180Updated last month
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆141Updated last week
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆151Updated 3 months ago
- psexecsvc - a python implementation of PSExec's native service implementation☆193Updated 2 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆193Updated 2 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆198Updated 10 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆357Updated 4 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆161Updated 4 months ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆342Updated 4 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆254Updated 8 months ago
- ☆276Updated last year
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆183Updated last month
- ☆170Updated 5 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆128Updated last week
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆297Updated 5 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆274Updated 6 months ago
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆190Updated 2 weeks ago
- Lab used for workshop and CTF☆179Updated 2 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆197Updated 6 months ago
- ☆215Updated 6 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆191Updated 6 months ago
- Our Tips&Tricks☆115Updated 2 months ago
- yet another AV killer tool using BYOVD☆270Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆288Updated 11 months ago
- ☆186Updated last year
- A PoC for Early Cascade process injection technique.☆176Updated 2 months ago