DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
☆465Aug 17, 2024Updated last year
Alternatives and similar repositories for DeadPotato
Users that are interested in DeadPotato are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆640May 8, 2025Updated 10 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆541May 9, 2025Updated 10 months ago
- Fileless atexec, no more need for port 445☆406Mar 28, 2024Updated last year
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆477May 16, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- ☆234Oct 8, 2024Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆358Mar 17, 2026Updated last week
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆537Nov 14, 2025Updated 4 months ago
- ☆244May 5, 2024Updated last year
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆571May 22, 2025Updated 10 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆681Aug 15, 2025Updated 7 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆611Feb 21, 2024Updated 2 years ago
- Process injection alternative☆407Sep 6, 2024Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆371Jan 29, 2026Updated last month
- Sleep obfuscation☆271Dec 13, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- ☆382Oct 17, 2025Updated 5 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆585Mar 19, 2024Updated 2 years ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆301Jul 31, 2024Updated last year
- ☆100Sep 1, 2024Updated last year
- A Windows potato to privesc☆391Aug 26, 2024Updated last year
- ☆2,214Nov 24, 2023Updated 2 years ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆153Sep 20, 2024Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆260Aug 13, 2024Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆385Apr 26, 2025Updated 10 months ago
- ☆198Mar 28, 2025Updated 11 months ago
- New generation of wmiexec.py☆1,269Jan 5, 2026Updated 2 months ago
- ☆705Nov 7, 2023Updated 2 years ago
- Reflective DLL Injection Made Bella☆251Jan 6, 2025Updated last year
- A BOF that runs unmanaged PEs inline☆685Oct 23, 2024Updated last year
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆554Nov 23, 2025Updated 4 months ago
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆460Aug 2, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆465Sep 24, 2023Updated 2 years ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆465Nov 2, 2024Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆444Jul 8, 2024Updated last year
- Windows remote execution multitool☆785Mar 10, 2026Updated 2 weeks ago
- Bypass LSA protection using the BYODLL technique☆175Sep 21, 2024Updated last year