A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor
☆54Mar 6, 2026Updated last month
Alternatives and similar repositories for BadSuccessor
Users that are interested in BadSuccessor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated last month
- Windows Privilege Escalation☆23Jun 7, 2022Updated 3 years ago
- Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth☆128Oct 20, 2025Updated 5 months ago
- A C# utility for interacting with SCOM☆98Dec 2, 2025Updated 4 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Precompiled executable☆66Feb 21, 2025Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆79Oct 27, 2025Updated 5 months ago
- Demo of a malicious python package that will run code upon pip download or install☆29Sep 10, 2022Updated 3 years ago
- Convert .reg to registry hive and reciprocally, without elevation☆84Feb 18, 2026Updated last month
- Bunch of BOF files☆41Jun 30, 2025Updated 9 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆52Sep 10, 2025Updated 7 months ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆52Jul 18, 2025Updated 8 months ago
- Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments☆264Mar 2, 2026Updated last month
- A ring0 Loadable Kernel Module (Linux) for latest kernels 6.x☆105Dec 16, 2025Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆170Jan 12, 2026Updated 3 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 9 months ago
- Chisel new generation, written in rust. SSH under WSS with some customization.☆129Jan 24, 2026Updated 2 months ago
- a minimalistic winrm client written in python☆26Mar 6, 2026Updated last month
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Convert your shellcode into an ASCII string☆127Jun 27, 2025Updated 9 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆217Oct 19, 2024Updated last year
- shellcode obfuscater and runner in golang☆11Aug 13, 2023Updated 2 years ago
- ASPX Web Shell with COFF Loader☆126Mar 10, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Apr 2, 2026Updated last week
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆396Sep 26, 2025Updated 6 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆85Nov 1, 2025Updated 5 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆45Nov 19, 2025Updated 4 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- Talk slides and material☆38Mar 24, 2024Updated 2 years ago
- CVE-2023-2255 Libre Office☆64Jul 10, 2023Updated 2 years ago
- Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool wil…☆18Apr 12, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated 2 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- ☆73Jan 1, 2026Updated 3 months ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆65Jan 21, 2025Updated last year
- Offensive Linux tool for network attacks. Built from the ground with only C.☆14May 1, 2021Updated 4 years ago
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆45Feb 19, 2026Updated last month