A C# tool to output crackable DPAPI hashes from user MasterKeys
☆141Sep 14, 2024Updated last year
Alternatives and similar repositories for DPAPISnoop
Users that are interested in DPAPISnoop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆224Oct 22, 2023Updated 2 years ago
- Simple BOF to read the protection level of a process☆122May 10, 2023Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆189Jun 22, 2022Updated 3 years ago
- ☆177Mar 27, 2023Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆262May 10, 2023Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 3 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 3 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆365Dec 19, 2022Updated 3 years ago
- OPSEC safe Kerberoasting in C#☆199Jun 14, 2022Updated 3 years ago
- DPAPI looting remotely and locally in Python☆550Mar 13, 2026Updated 2 months ago
- COFF file (BOF) for managing Kerberos tickets.☆326Jul 2, 2023Updated 2 years ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆419Jan 27, 2024Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆267Jun 29, 2024Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆333Jul 15, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆381Apr 19, 2023Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆256Jun 25, 2023Updated 2 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆268Nov 4, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆693Aug 15, 2025Updated 9 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆487Oct 14, 2022Updated 3 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated 2 months ago
- Dump the memory of any PPL with a Userland exploit chain☆354Mar 17, 2023Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆328Jan 31, 2023Updated 3 years ago
- A User Impersonation tool - via Token or Shellcode injection☆424May 21, 2022Updated 4 years ago
- In-memory token vault BOF for Cobalt Strike☆150Aug 18, 2022Updated 3 years ago
- ☆75Jun 17, 2025Updated 11 months ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆273Sep 14, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆303Oct 26, 2022Updated 3 years ago
- ☆431Apr 22, 2025Updated last year
- .NET/PowerShell/VBA Offensive Security Obfuscator☆523Feb 1, 2024Updated 2 years ago
- The code is a pingback to the Dark Vortex blog:☆190Jan 26, 2023Updated 3 years ago
- ☆121Mar 28, 2025Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆307Sep 7, 2023Updated 2 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago