A C# tool to output crackable DPAPI hashes from user MasterKeys
☆140Sep 14, 2024Updated last year
Alternatives and similar repositories for DPAPISnoop
Users that are interested in DPAPISnoop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆224Oct 22, 2023Updated 2 years ago
- Simple BOF to read the protection level of a process☆122May 10, 2023Updated 2 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆188Jun 22, 2022Updated 3 years ago
- ☆177Mar 27, 2023Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆261May 10, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 3 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 3 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆365Dec 19, 2022Updated 3 years ago
- OPSEC safe Kerberoasting in C#☆198Jun 14, 2022Updated 3 years ago
- DPAPI looting remotely and locally in Python☆549Mar 13, 2026Updated last month
- COFF file (BOF) for managing Kerberos tickets.☆322Jul 2, 2023Updated 2 years ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆419Jan 27, 2024Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆265Jun 29, 2024Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆332Jul 15, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆379Apr 19, 2023Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆255Jun 25, 2023Updated 2 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆266Nov 4, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆687Aug 15, 2025Updated 8 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆485Oct 14, 2022Updated 3 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated 2 months ago
- Dump the memory of any PPL with a Userland exploit chain☆352Mar 17, 2023Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- A User Impersonation tool - via Token or Shellcode injection☆423May 21, 2022Updated 3 years ago
- In-memory token vault BOF for Cobalt Strike☆150Aug 18, 2022Updated 3 years ago
- ☆75Jun 17, 2025Updated 10 months ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆272Sep 14, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆303Oct 26, 2022Updated 3 years ago
- ☆430Apr 22, 2025Updated last year
- .NET/PowerShell/VBA Offensive Security Obfuscator☆521Feb 1, 2024Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆189Jan 26, 2023Updated 3 years ago
- ☆120Mar 28, 2025Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆305Sep 7, 2023Updated 2 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago