lkarlslund / hashmuncher
Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
☆91Updated last year
Alternatives and similar repositories for hashmuncher:
Users that are interested in hashmuncher are comparing it to the libraries listed below
- ☆71Updated last year
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆120Updated 3 years ago
- Living Off the Foreign Land setup scripts☆64Updated last month
- A Python POC for CRED1 over SOCKS5☆139Updated 4 months ago
- ☆85Updated 2 years ago
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆84Updated 9 months ago
- A module for CME that spiders across a domain.☆35Updated 2 years ago
- Get Fine Grained Password Policy☆67Updated 9 months ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆37Updated 2 years ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- Some scripts to support with importing large datasets into BloodHound☆79Updated last year
- Microsoft Graph API post-exploitation toolkit☆93Updated 7 months ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆52Updated 8 months ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆132Updated 5 months ago
- Living off the land searches for explorer and sharepoint☆56Updated 3 months ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆121Updated 2 years ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 7 months ago
- Abuse Azure API permissions for red teaming☆61Updated 2 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆119Updated 2 years ago
- ☆74Updated 6 months ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 3 years ago
- ☆40Updated 3 weeks ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- Lateral Movement☆122Updated last year
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- ☆99Updated 10 months ago
- Python module for running BOFs☆68Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆126Updated 11 months ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆26Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆73Updated 2 years ago