A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor
☆48Jul 20, 2025Updated 7 months ago
Alternatives and similar repositories for BadSuccessor
Users that are interested in BadSuccessor are comparing it to the libraries listed below
Sorting:
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆124Feb 17, 2026Updated 2 weeks ago
- Windows Privilege Escalation☆23Jun 7, 2022Updated 3 years ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth☆121Oct 20, 2025Updated 4 months ago
- Demo of a malicious python package that will run code upon pip download or install☆29Sep 10, 2022Updated 3 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A C# utility for interacting with SCOM☆96Dec 2, 2025Updated 3 months ago
- Precompiled executable☆63Feb 21, 2025Updated last year
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆166Jan 12, 2026Updated last month
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- Bunch of BOF files☆39Jun 30, 2025Updated 8 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆44Nov 19, 2025Updated 3 months ago
- Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code☆21Feb 13, 2023Updated 3 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆81Nov 1, 2025Updated 4 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 8 months ago
- Convert .reg to registry hive and reciprocally, without elevation☆83Feb 18, 2026Updated 2 weeks ago
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP��☆64Jan 21, 2025Updated last year
- ☆55May 31, 2025Updated 9 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- ☆54Feb 12, 2026Updated 3 weeks ago
- This repository contains a proof-of-concept exploit script for CVE-2025-32432, a pre-authentication Remote Code Execution (RCE) vulnerabi…☆24Apr 27, 2025Updated 10 months ago
- Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container☆27Oct 24, 2021Updated 4 years ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆51Jul 18, 2025Updated 7 months ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆386Sep 26, 2025Updated 5 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments☆245Feb 16, 2026Updated 2 weeks ago
- a minimalistic winrm client written in python☆25May 15, 2025Updated 9 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Less sugar (entropy) for your binaries☆33Sep 10, 2025Updated 5 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆88Jan 24, 2026Updated last month
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- Advanced Domain Controller attack and credential analysis tool leveraging DonPAPI database☆259Nov 3, 2025Updated 4 months ago
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆189Aug 6, 2025Updated 6 months ago