Generate password spraying lists based on the pwdLastSet-attribute of users.
☆55Dec 6, 2023Updated 2 years ago
Alternatives and similar repositories for CredGuess
Users that are interested in CredGuess are comparing it to the libraries listed below
Sorting:
- Enumerate domain machine accounts and perform pre2k password spraying.☆69Jul 14, 2023Updated 2 years ago
- ☆27Aug 18, 2023Updated 2 years ago
- Decrypt Veeam database passwords☆222Dec 8, 2025Updated 2 months ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 5 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Aug 8, 2022Updated 3 years ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆204Jun 23, 2023Updated 2 years ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆35Feb 4, 2023Updated 3 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- Easily-guessable Password Generator for Password Spray Attack☆20Jun 4, 2020Updated 5 years ago
- ☆307Mar 15, 2025Updated 11 months ago
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks☆182Aug 16, 2025Updated 6 months ago
- ☆163Oct 25, 2023Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- A small executable to trick a user to authenticate using code matching MFA☆68Oct 6, 2023Updated 2 years ago
- To audit the security of read-only domain controllers☆118Nov 27, 2023Updated 2 years ago
- Timeroasting scripts by Tom Tervoort☆386Nov 11, 2025Updated 3 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- ☆79Aug 2, 2023Updated 2 years ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆368Dec 23, 2025Updated 2 months ago
- Identify common attack paths to get Domain Administrator☆21Aug 20, 2019Updated 6 years ago
- HashKitty is a user-friendly cross-platform Python wrapper for Hashcat designed to provide an easy password cracking experience for both …☆42Jul 18, 2024Updated last year
- This is repo with my custom zsh completion files for pentesting tools, which do not exist in zsh and oh-my-zsh by default☆12Oct 23, 2025Updated 4 months ago
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆207Jan 12, 2025Updated last year
- ☆152Oct 2, 2023Updated 2 years ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Bruteforces Fortinet SSL VPNs☆57Sep 19, 2023Updated 2 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- Kubernetes, Clusters and Dockers Enumeration in GCP and AWS environments☆12Nov 23, 2023Updated 2 years ago
- ☆223Oct 22, 2023Updated 2 years ago