A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor
☆54Mar 6, 2026Updated last month
Alternatives and similar repositories for BadSuccessor
Users that are interested in BadSuccessor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆116Apr 22, 2026Updated last week
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated 2 months ago
- Windows Privilege Escalation☆24Jun 7, 2022Updated 3 years ago
- a minimalistic winrm client written in python☆39Apr 17, 2026Updated 2 weeks ago
- Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth☆130Oct 20, 2025Updated 6 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A C# utility for interacting with SCOM☆100Dec 2, 2025Updated 5 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- Precompiled executable☆67Feb 21, 2025Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆80Oct 27, 2025Updated 6 months ago
- Demo of a malicious python package that will run code upon pip download or install☆29Sep 10, 2022Updated 3 years ago
- Convert .reg to registry hive and reciprocally, without elevation☆87Feb 18, 2026Updated 2 months ago
- Bunch of BOF files☆41Jun 30, 2025Updated 10 months ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆53Jul 18, 2025Updated 9 months ago
- Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments☆267Mar 2, 2026Updated 2 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- A ring0 Loadable Kernel Module (Linux) for latest kernels 6.x☆105Dec 16, 2025Updated 4 months ago
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆173Jan 12, 2026Updated 3 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 10 months ago
- Chisel new generation, written in rust. SSH under WSS with some customization.☆130Jan 24, 2026Updated 3 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆90Sep 10, 2025Updated 7 months ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 10 months ago
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆92Jan 24, 2026Updated 3 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆217Oct 19, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- shellcode obfuscater and runner in golang☆11Aug 13, 2023Updated 2 years ago
- ASPX Web Shell with COFF Loader☆129Mar 10, 2026Updated last month
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆399Sep 26, 2025Updated 7 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Apr 2, 2026Updated last month
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆85Nov 1, 2025Updated 6 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆45Nov 19, 2025Updated 5 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- CVE-2023-2255 Libre Office☆64Jul 10, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Talk slides and material☆38Mar 24, 2024Updated 2 years ago
- Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool wil…☆18Apr 12, 2022Updated 4 years ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆53Jan 28, 2026Updated 3 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- ☆80Jan 1, 2026Updated 4 months ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆65Jan 21, 2025Updated last year