jfjallid / go-lsassLinks
Tool to aid in dumping LSASS process remotely
☆39Updated 10 months ago
Alternatives and similar repositories for go-lsass
Users that are interested in go-lsass are comparing it to the libraries listed below
Sorting:
- SAM Dumping in C#☆48Updated 4 months ago
- Extract registry and NTDS secrets from local or remote disk images☆43Updated 2 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆39Updated 3 weeks ago
- ☆55Updated 7 months ago
- ☆29Updated last year
- time-based user enum via Basic Auth in Azure against Autodiscover☆32Updated 8 months ago
- Docker container for running CobaltStrike 4.10☆37Updated 8 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆57Updated this week
- Python3 rewrite of AsOutsider features of AADInternals☆47Updated 5 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆50Updated 4 months ago
- DFSCoerce exe revisited version with custom authentication☆40Updated last year
- Beacon Object Files (BOF) for Cobalt Strike.☆31Updated 9 months ago
- ☆22Updated 7 months ago
- ☆48Updated 2 years ago
- ☆25Updated 3 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 3 months ago
- ☆59Updated last year
- BOF to decrypt Signal Desktop chat logs☆65Updated 3 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- ☆55Updated 3 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- ☆48Updated last year
- ☆38Updated this week
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆20Updated 2 months ago
- BOF for C2 framework☆41Updated 6 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆49Updated last month
- A simple C++ Windows tool to get information about processes exposing named pipes.☆37Updated 2 months ago