Coerce Windows machines auth via MS-EVEN
☆172Jan 17, 2024Updated 2 years ago
Alternatives and similar repositories for CheeseOunce
Users that are interested in CheeseOunce are comparing it to the libraries listed below
Sorting:
- MS-FSRVP coercion abuse PoC☆303Dec 30, 2021Updated 4 years ago
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Python tool to Check running WebClient services on multiple targets based on @leechristensen☆287Aug 18, 2021Updated 4 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Feb 23, 2022Updated 4 years ago
- ☆252Sep 28, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆439Jan 4, 2025Updated last year
- ☆828Sep 9, 2022Updated 3 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆398Aug 15, 2025Updated 6 months ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆418Jan 27, 2024Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆143Mar 9, 2024Updated last year
- Beacon Object Files for roasting Active Directory☆235Feb 21, 2022Updated 4 years ago
- A little tool to play with the Seclogon service☆326Jul 10, 2022Updated 3 years ago
- ☆415Apr 28, 2021Updated 4 years ago
- Collection of remote authentication triggers in C#☆524May 15, 2024Updated last year
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆473Jul 6, 2024Updated last year
- PoC to interact with local/remote registry hives through WMI☆86Jun 14, 2020Updated 5 years ago
- Remote operations commands implemented using Beacon Object Files☆1,120Feb 23, 2026Updated last week
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- ☆159Apr 17, 2024Updated last year