Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.
☆120Apr 22, 2026Updated 3 weeks ago
Alternatives and similar repositories for tgt-monitor-bof
Users that are interested in tgt-monitor-bof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective☆175May 8, 2026Updated last week
- Azure apim mini proxy☆58Feb 16, 2026Updated 3 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆33Dec 31, 2025Updated 4 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 8 months ago
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆70Feb 5, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆80Apr 11, 2026Updated last month
- a minimalistic winrm client written in python☆44Apr 17, 2026Updated last month
- ASPX Web Shell with COFF Loader☆129Mar 10, 2026Updated 2 months ago
- dcsync bof☆52Feb 13, 2026Updated 3 months ago
- Elfina is a multi-architecture ELF loader written in Rust, supporting x86 and x86-64 binaries.☆46Mar 15, 2026Updated 2 months ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆127Mar 30, 2026Updated last month
- A C# utility for interacting with SCOM☆100Dec 2, 2025Updated 5 months ago
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆133Feb 17, 2026Updated 3 months ago
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆13Jun 3, 2025Updated 11 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor☆54Mar 6, 2026Updated 2 months ago
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆295Feb 21, 2026Updated 2 months ago
- Multi-protocol credential validation tool with spray and no-spray modes for penetration testing.☆22Updated this week
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- Exploitation of CVE-2025-29969☆65Feb 20, 2026Updated 2 months ago
- ☆28Mar 14, 2026Updated 2 months ago
- A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and sta…☆205Mar 15, 2026Updated 2 months ago
- test☆104Apr 25, 2026Updated 3 weeks ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 8 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions☆14Nov 13, 2022Updated 3 years ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 6 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 9 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 9 months ago
- One WSL BOF to rule them all☆176Jan 14, 2026Updated 4 months ago
- COM-based DLL Surrogate Injection☆169Dec 9, 2025Updated 5 months ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆14Sep 26, 2023Updated 2 years ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆48Feb 19, 2026Updated 3 months ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆22Nov 19, 2025Updated 5 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆68May 2, 2023Updated 3 years ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆45Nov 19, 2025Updated 5 months ago