Python DPAPI NG Decryptor for non-Windows Platforms
☆66Dec 20, 2024Updated last year
Alternatives and similar repositories for dpapi-ng
Users that are interested in dpapi-ng are comparing it to the libraries listed below
Sorting:
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- PowerShell SecretManagement module for DPAPI-NG☆31Sep 12, 2025Updated 5 months ago
- ☆47Feb 11, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Using fibers to run in-memory code.☆242Oct 19, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- ☆17Jul 16, 2024Updated last year
- ☆19Dec 12, 2023Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- ☆17Jun 28, 2023Updated 2 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆186Feb 12, 2023Updated 3 years ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Jul 21, 2022Updated 3 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆137Mar 3, 2025Updated last year
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- ☆167Feb 18, 2026Updated last week
- A simple PE loader.☆27Dec 9, 2022Updated 3 years ago
- Keep it secret, keep it safe☆78Feb 6, 2025Updated last year
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆60Apr 13, 2023Updated 2 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago
- A proof-of-concept Command & Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client a…☆75Jun 27, 2023Updated 2 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆33Nov 12, 2022Updated 3 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Convert an LDIF file to JSON files ingestible by BloodHound☆45Feb 9, 2026Updated 3 weeks ago
- A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable w…☆148Nov 16, 2025Updated 3 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Feb 18, 2026Updated last week
- Bypass WiFi client isolation on Open and WPA2-PSK networks☆40Oct 14, 2025Updated 4 months ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Apr 22, 2023Updated 2 years ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆172May 13, 2024Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆237Sep 3, 2023Updated 2 years ago
- ☆301Oct 29, 2024Updated last year