A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor
☆60Mar 6, 2026Updated 3 months ago
Alternatives and similar repositories for BadSuccessor
Users that are interested in BadSuccessor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆125Jun 10, 2026Updated 3 weeks ago
- a minimalistic winrm client written in python☆47Apr 17, 2026Updated 2 months ago
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆136Feb 17, 2026Updated 4 months ago
- Windows Privilege Escalation☆25Jun 7, 2022Updated 4 years ago
- Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth☆137May 5, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A C# utility for interacting with SCOM☆101Dec 2, 2025Updated 7 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆48Feb 24, 2026Updated 4 months ago
- Precompiled executable☆68Feb 21, 2025Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆81Oct 27, 2025Updated 8 months ago
- Demo of a malicious python package that will run code upon pip download or install☆29Sep 10, 2022Updated 3 years ago
- Convert .reg to registry hive and reciprocally, without elevation☆90Jun 9, 2026Updated 3 weeks ago
- Bunch of BOF files☆44Jun 30, 2025Updated last year
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆53Jul 18, 2025Updated 11 months ago
- Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments☆288Mar 2, 2026Updated 4 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A ring0 Loadable Kernel Module (Linux) for latest kernels 6.x☆105Dec 16, 2025Updated 6 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆179May 31, 2026Updated last month
- Chisel new generation, written in rust. SSH under WSS with some customization.☆132Jan 24, 2026Updated 5 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆95Sep 10, 2025Updated 9 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆96Jul 3, 2025Updated last year
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated 2 years ago
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆218Oct 19, 2024Updated last year
- shellcode obfuscater and runner in golang☆11Aug 13, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ASPX Web Shell with COFF Loader☆132Mar 10, 2026Updated 3 months ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆413Sep 26, 2025Updated 9 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆15Apr 2, 2026Updated 3 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆47Jun 15, 2026Updated 2 weeks ago
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆130Jan 24, 2026Updated 5 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆92May 3, 2026Updated 2 months ago
- A tool to assist DLL hijacking via the Havoc GUI☆14Jan 9, 2024Updated 2 years ago
- CVE-2023-2255 Libre Office☆65Jul 10, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool wil…☆18Apr 12, 2022Updated 4 years ago
- Talk slides and material☆38Mar 24, 2024Updated 2 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 5 months ago
- converts sRDI compatible dlls to shellcode☆39Jan 20, 2025Updated last year
- Dump Teams conversations☆18Jun 9, 2021Updated 5 years ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆65Jan 21, 2025Updated last year
- Offensive Linux tool for network attacks. Built from the ground with only C.☆13May 1, 2021Updated 5 years ago