icyguider / DumpNParse
A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
☆152 · Nov 21, 2021 · Updated 4 years ago
Alternatives and similar repositories for DumpNParse
Users that are interested in DumpNParse are comparing it to the libraries listed below
- Dumping LSASS with a duplicated handle from custom LSA plugin ☆204 · Feb 23, 2022 · Updated 3 years ago
- ☆539 · Nov 20, 2021 · Updated 4 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike ☆140 · Nov 4, 2020 · Updated 5 years ago
- C# Lsass parser ☆296 · Oct 13, 2021 · Updated 4 years ago
- ☆55 · Nov 11, 2021 · Updated 4 years ago
- Exploit for EfsPotato (MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privilege escalation vulnerability). ☆817 · Dec 14, 2023 · Updated 2 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in… ☆269 · Mar 18, 2021 · Updated 4 years ago
- ☆181 · Feb 3, 2021 · Updated 5 years ago
- Pass the Hash to a named pipe for token Impersonation ☆313 · Nov 29, 2023 · Updated 2 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection ☆252 · Mar 31, 2021 · Updated 4 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo) ☆232 · Jun 10, 2022 · Updated 3 years ago
- C# Reflective loader for unmanaged binaries. ☆447 · Jan 25, 2023 · Updated 3 years ago
- Executes position independent shellcode from an encrypted zip ☆304 · Dec 22, 2020 · Updated 5 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF. ☆143 · Sep 24, 2021 · Updated 4 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement ☆369 · Dec 24, 2021 · Updated 4 years ago
- Used to check for valid Remote Desktop Protocol accounts (supports plaintext and ntlmhash) ☆165 · May 14, 2020 · Updated 5 years ago
- A small POC to make defender useless by removing its token privileges and lowering the token integrity ☆689 · Jun 28, 2022 · Updated 3 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic ☆145 · Feb 23, 2022 · Updated 3 years ago
- An overambitious mimikatz separation project ☆44 · Nov 28, 2021 · Updated 4 years ago
- .NET 4.0 WinRM API Command Execution ☆166 · Sep 11, 2020 · Updated 5 years ago
- ☆82 · Feb 12, 2022 · Updated 4 years ago
- C# version of MDSec's ParallelSyscalls ☆141 · Jan 9, 2022 · Updated 4 years ago
- C# version of Powermad ☆170 · Dec 5, 2023 · Updated 2 years ago
- ☆101 · Aug 23, 2021 · Updated 4 years ago
- LOLBINs that inject a DLL into a given process ID. ☆139 · Nov 21, 2021 · Updated 4 years ago
- ☆152 · Jan 6, 2023 · Updated 3 years ago
- Obtains user credentials via the Windows API and saves them to a file ☆196 · Jun 18, 2024 · Updated last year
- .Net Assembly to block ETW telemetry in current process ☆81 · May 14, 2020 · Updated 5 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions ☆93 · Mar 8, 2023 · Updated 2 years ago
- Inject .NET assemblies into an existing process ☆508 · Jan 19, 2022 · Updated 4 years ago
- Collection of remote authentication triggers in C# ☆524 · May 15, 2024 · Updated last year
- A little tool to play with the Seclogon service ☆328 · Jul 10, 2022 · Updated 3 years ago
- A list of all the DLL exports in C:\windows\system32\ ☆221 · Dec 22, 2021 · Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit ☆455 · Dec 23, 2020 · Updated 5 years ago
- MS-FSRVP coercion abuse PoC ☆305 · Dec 30, 2021 · Updated 4 years ago
- NTLM relaying for Windows made easy ☆579 · Apr 25, 2023 · Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2 ☆187 · Jul 21, 2022 · Updated 3 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching. ☆220 · May 3, 2023 · Updated 2 years ago
- ☆667 · Nov 17, 2021 · Updated 4 years ago