C# Port of LdapRelayScan
☆91Nov 26, 2025Updated 3 months ago
Alternatives and similar repositories for SharpLdapRelayScan
Users that are interested in SharpLdapRelayScan are comparing it to the libraries listed below
Sorting:
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆418Jan 27, 2024Updated 2 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- ☆181Feb 3, 2021Updated 5 years ago
- Coerce Windows machines auth via MS-EVEN☆174Jan 17, 2024Updated 2 years ago
- ☆94May 14, 2022Updated 3 years ago
- ☆133Dec 4, 2023Updated 2 years ago
- Framework for Kerberos relaying☆938May 29, 2022Updated 3 years ago
- ☆234Oct 8, 2024Updated last year
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Jun 22, 2022Updated 3 years ago
- Enumerate Domain Data☆335Sep 13, 2023Updated 2 years ago
- IOXIDResolver from AirBus Security/PingCastle☆51Nov 25, 2020Updated 5 years ago
- Automated compiler obfuscation for nim☆139Jun 27, 2022Updated 3 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆473Jul 6, 2024Updated last year
- ☆10Jan 17, 2022Updated 4 years ago
- MS-FSRVP coercion abuse PoC☆302Dec 30, 2021Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonation☆311Nov 29, 2023Updated 2 years ago
- ☆477Nov 20, 2022Updated 3 years ago
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- ☆46Jun 25, 2024Updated last year
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- ☆160Apr 17, 2024Updated last year
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆237Sep 3, 2023Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Jun 2, 2022Updated 3 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Nov 24, 2022Updated 3 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Feb 23, 2022Updated 4 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- ☆224Oct 22, 2023Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆114Oct 21, 2023Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- NTLM relaying for Windows made easy☆581Apr 25, 2023Updated 2 years ago
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- ☆92Aug 23, 2021Updated 4 years ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,063Jan 22, 2026Updated last month