Python DPAPI NG Decryptor for non-Windows Platforms
☆67Dec 20, 2024Updated last year
Alternatives and similar repositories for dpapi-ng
Users that are interested in dpapi-ng are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PowerShell SecretManagement module for DPAPI-NG☆32Sep 12, 2025Updated 6 months ago
- ☆17Jul 16, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- ☆48Feb 11, 2023Updated 3 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- ☆17Jun 28, 2023Updated 2 years ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Aug 5, 2022Updated 3 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- ☆26Aug 5, 2025Updated 7 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Using fibers to run in-memory code.☆243Oct 19, 2023Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Keep it secret, keep it safe☆78Feb 6, 2025Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆175May 13, 2024Updated last year
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆185Feb 12, 2023Updated 3 years ago
- Active Directory Firewall☆99Feb 25, 2026Updated 3 weeks ago
- A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable w…☆151Nov 16, 2025Updated 4 months ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆33Nov 12, 2022Updated 3 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- A simple PE loader.☆27Dec 9, 2022Updated 3 years ago
- Get notified on the addition or removal of roles and permissions in Microsoft Entra ID and Azure☆16Updated this week
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Jul 21, 2022Updated 3 years ago
- ☆19Dec 12, 2023Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- macOS dylib stager☆36Jan 22, 2025Updated last year
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆898Mar 11, 2026Updated last week
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆59Apr 13, 2023Updated 2 years ago
- ☆170Feb 27, 2026Updated 3 weeks ago