jordanbtucker / dpapick
DPAPI offline decryption utility
☆67Updated last year
Related projects: ⓘ
- Windows DPAPI laboratory☆85Updated 6 years ago
- DLL Password Filter Implant with Exfiltration Capabilities☆133Updated 4 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆102Updated 6 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆92Updated 6 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 7 years ago
- SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers☆118Updated 10 months ago
- Code Exec via Excel☆83Updated 7 years ago
- ☆60Updated 9 months ago
- A simple python implementation of a BITS server.☆103Updated 2 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆143Updated 4 years ago
- Documentation and supporting script sample for Windows Exploit Guard☆148Updated 2 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆105Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆213Updated 4 years ago
- Neutering Sysmon via driver unload☆219Updated last year
- ☆76Updated 3 years ago
- Managed code hooking template.☆127Updated 2 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆133Updated 7 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆161Updated 7 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆84Updated 9 years ago
- Managed code hooking template.☆106Updated 3 years ago
- CSHARP DCOM Fun☆120Updated 5 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆73Updated 4 years ago
- Python DPAPI NG Decryptor for non-Windows Platforms☆53Updated last year
- Leghorn code for PKI abuse☆31Updated 3 years ago
- MSBuild Without MSBuild.exe☆155Updated 3 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆92Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆62Updated 4 years ago
- D/Invoke port of UrbanBishop☆104Updated 4 years ago
- Tool for injecting a "TCP Relay" managed assembly into an unmanaged process☆62Updated 5 years ago
- ☆68Updated 2 years ago