horizon3ai / backup_dc_registryLinks
A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
☆86Updated 3 years ago
Alternatives and similar repositories for backup_dc_registry
Users that are interested in backup_dc_registry are comparing it to the libraries listed below
Sorting:
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆132Updated last year
- ADCS cert template modification and ACL enumeration☆138Updated 2 years ago
- DCSync Attack from Outside using Impacket☆114Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆185Updated 3 years ago
- Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…☆104Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆138Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆253Updated last year
- Powershell version of SharpGPOAbuse☆84Updated 4 years ago
- ☆88Updated 2 years ago
- ☆52Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆62Updated 5 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆176Updated 2 years ago
- SeRestorePrivilege to SYSTEM☆119Updated 3 years ago
- Simple C# implementation of PowerUpSQL☆95Updated last year
- Buggy script to play with GPOs☆111Updated 7 months ago
- ☆141Updated 3 years ago
- ☆100Updated last year
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆115Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆156Updated last year
- Repository contains psexec, which will help to exploit the forgotten pipe☆171Updated 8 months ago
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆111Updated 2 years ago
- Beacon Object File & C# project to check LDAP signing☆193Updated 11 months ago
- C# version of Powermad☆166Updated last year
- A variety of AV evasion techniques written in C# for practice.☆92Updated 4 years ago
- ☆228Updated last year
- A RunAs clone with the ability to specify the password as an argument.☆112Updated 2 years ago
- MS-FSRVP coercion abuse PoC☆294Updated 3 years ago
- ☆163Updated 8 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆257Updated 2 years ago
- ACL abuse swiss-knife☆125Updated 2 years ago