leftp / BackupCredsLinks
A C# implementation of dumping credentials from Windows Credential Manager
☆59Updated last year
Alternatives and similar repositories for BackupCreds
Users that are interested in BackupCreds are comparing it to the libraries listed below
Sorting:
- Bypassing Amsi using LdrLoadDll☆44Updated 4 months ago
- C# Tool to interact with MS Exchange based on MS docs☆101Updated 2 years ago
- PoC to self-delete a binary in C#☆33Updated last year
- C# Port of LdapRelayScan☆83Updated 3 years ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆16Updated 5 months ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- ☆39Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- ☆128Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆28Updated 4 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆51Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆94Updated last year
- Click Once + App Domain☆62Updated last year
- Beacon Object Files (not Buffer Overflows)☆55Updated 2 years ago
- Lateral Movement via the .NET Profiler☆82Updated 6 months ago
- SAM Dumping in C#☆48Updated 4 months ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- ☆25Updated 3 years ago
- BOF to decrypt Signal Desktop chat logs☆65Updated 3 months ago
- ☆62Updated 4 months ago
- ☆36Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- Execute dotnet app from unmanaged process☆75Updated 5 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆27Updated 3 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆59Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆68Updated last month