improsec / BackupOperatorToolkitLinks
The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
☆176Updated 2 years ago
Alternatives and similar repositories for BackupOperatorToolkit
Users that are interested in BackupOperatorToolkit are comparing it to the libraries listed below
Sorting:
- ☆118Updated 4 months ago
- Cortex XDR Config Extractor☆132Updated 2 years ago
- Automated exploitation of MSSQL servers at scale☆112Updated this week
- ☆159Updated last year
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆140Updated last year
- PowerShell Reverse Shell☆78Updated 2 years ago
- ☆163Updated 8 months ago
- ACL abuse swiss-knife☆125Updated 2 years ago
- Lateral Movement☆124Updated last year
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks☆159Updated last year
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆176Updated 2 years ago
- Collection of random RedTeam scripts.☆206Updated last year
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆82Updated 10 months ago
- OPSEC safe Kerberoasting in C#☆192Updated 3 years ago
- Some scripts to support with importing large datasets into BloodHound☆80Updated last year
- ☆221Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆138Updated last year
- A Python POC for CRED1 over SOCKS5☆151Updated 9 months ago
- Lord Of Active Directory - automatic vulnerable active directory on AWS☆147Updated last year
- Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…☆104Updated 3 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆132Updated last year
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆86Updated 3 years ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆253Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆234Updated last year
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆123Updated 4 months ago
- PowerShell runner for executing malicious payloads in order to bypass Windows Defender.☆73Updated 3 years ago
- ☆207Updated last year
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆199Updated last year
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆94Updated 2 years ago
- ☆82Updated 11 months ago