PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.
☆72Oct 22, 2025Updated 4 months ago
Alternatives and similar repositories for NTLMPasswordChanger
Users that are interested in NTLMPasswordChanger are comparing it to the libraries listed below
Sorting:
- Azure apim mini proxy☆45Feb 16, 2026Updated 2 weeks ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆64Dec 25, 2025Updated 2 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads☆240Oct 30, 2025Updated 4 months ago
- A C# utility for interacting with SCOM☆96Dec 2, 2025Updated 3 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆222Nov 6, 2025Updated 4 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆68Feb 3, 2026Updated last month
- AppLocker-Based EDR Neutralization☆323Dec 19, 2025Updated 2 months ago
- Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and book…☆555Jan 8, 2026Updated last month
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆167Oct 21, 2025Updated 4 months ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- Detect public repository dependencies in the GitHub repositories with an orphan required library.☆22Jun 24, 2025Updated 8 months ago
- List web account manager (WAM) accounts added to the current profile☆22Dec 11, 2025Updated 2 months ago
- Windows Session Hijacking via COM☆339Dec 13, 2025Updated 2 months ago
- ☆171Oct 21, 2025Updated 4 months ago
- Automated environment setup for Bootkit & Rootkit development.☆36Aug 9, 2025Updated 6 months ago
- Group Policy Objects manipulation and exploitation framework☆292Dec 7, 2025Updated 2 months ago
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Feb 25, 2023Updated 3 years ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- ☆102Feb 24, 2026Updated last week
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph☆75Feb 27, 2026Updated last week
- One WSL BOF to rule them all☆159Jan 14, 2026Updated last month
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆39Dec 7, 2025Updated 3 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆147Jul 17, 2025Updated 7 months ago
- This repository contains tips, tricks, and examples of aggressor script functions. The intent is to share bite size examples that can be …☆16Aug 12, 2025Updated 6 months ago
- ☆15Jan 26, 2023Updated 3 years ago
- A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (C…☆12May 26, 2025Updated 9 months ago
- Proof of concept for Kerberos Armoring abuse.☆81Dec 12, 2025Updated 2 months ago
- Kibana app for RedELK�☆18Mar 19, 2023Updated 2 years ago
- Signing Visual Basic Macros in Office Files☆14Oct 25, 2020Updated 5 years ago
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆286Jan 12, 2026Updated last month
- ForsHops☆59Mar 25, 2025Updated 11 months ago
- ☆18Sep 1, 2025Updated 6 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated last month
- SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.☆30Jul 4, 2019Updated 6 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆13Jun 24, 2018Updated 7 years ago
- ☆207Dec 17, 2025Updated 2 months ago
- ☆159Dec 13, 2024Updated last year
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆167Nov 17, 2025Updated 3 months ago