leftp / BackupCredsLinks
A C# implementation of dumping credentials from Windows Credential Manager
☆59Updated last year
Alternatives and similar repositories for BackupCreds
Users that are interested in BackupCreds are comparing it to the libraries listed below
Sorting:
- Bypassing Amsi using LdrLoadDll☆44Updated 5 months ago
- C# Tool to interact with MS Exchange based on MS docs☆101Updated 2 years ago
- PoC to self-delete a binary in C#☆33Updated last year
- C# Port of LdapRelayScan☆85Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- ☆128Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- ☆26Updated 7 months ago
- Click Once + App Domain☆62Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆95Updated last year
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆17Updated 6 months ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- SAM Dumping in C#☆48Updated 5 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 4 months ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆27Updated 3 years ago
- Lateral Movement via the .NET Profiler☆82Updated 7 months ago
- ☆25Updated 3 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- ☆79Updated last year
- ☆71Updated last year
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆61Updated 2 years ago
- ☆39Updated 2 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Updated last year
- ☆97Updated 9 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆43Updated last month
- Run Cobalt Strike BOFs in Brute Ratel C4!☆67Updated 2 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆27Updated last year