Dump TGTs remotely and convert Windows' klist binary output to ccache.
☆80Jun 30, 2026Updated 2 weeks ago
Alternatives and similar repositories for klist2ccache
Users that are interested in klist2ccache are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Code and data for our paper "Onelogon: Taking over Active Directory Accounts via Netlogon" (WOOT’26).☆107Jun 22, 2026Updated 3 weeks ago
- Proof-of-Concept tool to dump trusted domain objects☆44May 14, 2026Updated 2 months ago
- ☆78Updated this week
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs☆134Mar 26, 2026Updated 3 months ago
- Extract DPAPI CREDHIST and Masterkey hashes☆21May 28, 2026Updated last month
- A stealthy and modular Windows loader designed to bypass modern EDR solutions using Module Stomping, Stack Duplication, and Advanced Slee…☆66Updated this week
- KslDump — Why bring your own knife when Defender already left one in the kitchen?☆392Apr 13, 2026Updated 3 months ago
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)☆144Oct 23, 2025Updated 8 months ago
- Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support☆82Jun 10, 2026Updated last month
- WasmForge — compile Go and C# programs to single-binary, WASM-sandboxed native executables with polymorphic output.☆99Jun 24, 2026Updated 2 weeks ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 7 months ago
- ☆42Jul 1, 2026Updated last week
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- Proof of concept for Kerberos Armoring abuse.☆86Dec 12, 2025Updated 7 months ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated last week
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆62May 4, 2026Updated 2 months ago
- A simple OAuth App designed to capture OAuth tokens when users authenticate through GitHub OAuth flow.☆25Apr 20, 2026Updated 2 months ago
- Automating the MITM attack on WSUS☆378Jul 4, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- .NET CLR-Stomping☆146May 20, 2026Updated last month
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 2 weeks ago
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- Evasive loader for .NET Framework assemblies☆82May 12, 2026Updated 2 months ago
- Beacon Object File for LDAP Queries Through ADWS☆33Jun 12, 2026Updated last month
- ☆111Jul 1, 2026Updated last week
- Tool for Active Directory Certificate Services enumeration and abuse☆167Apr 17, 2025Updated last year
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- Beacon Object File to Enable Chrome DevTools Protocol (CDP)☆116Jul 1, 2026Updated last week
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆96Jul 3, 2025Updated last year
- Active Directory time discovery protocols for red teams. Stealthy extraction via Kerberos, SMB, NTLM, and CLDAP.☆71Updated this week
- Technical Reference to multiple relay techniques☆190May 21, 2026Updated last month
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆929Jun 25, 2026Updated 2 weeks ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆60Apr 13, 2025Updated last year
- goLoL is a Windows host scanner with dual support for LOLBAS binaries and LOLDrivers. It lists LOLBAS techniques runnable at your current…☆66Jun 28, 2026Updated 2 weeks ago