lypd0 / DeadPotato
DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
☆385 Updated 9 months ago
Alternatives and similar repositories for DeadPotato
Users that are interested in DeadPotato are comparing it to the libraries listed below
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly. ☆518 Updated 3 weeks ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance… ☆533 Updated last month
- Collection of UAC Bypass Techniques Weaponized as BOFs ☆508 Updated last year
- Extract and execute a PE embedded within a PNG file using an LNK file. ☆411 Updated 6 months ago
- AMSI bypass payload that works on Windows 11 ☆377 Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆515 Updated 11 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework ☆592 Updated last week
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File ☆278 Updated last month
- Materials for the workshop "Red Team Ops: Havoc 101" ☆375 Updated 7 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆408 Updated 10 months ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s… ☆335 Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile. ☆421 Updated last year
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode. ☆187 Updated 9 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434 ☆255 Updated 9 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆586 Updated this week
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆409 Updated 9 months ago
- Bypassing UAC with SSPI Datagram Contexts ☆438 Updated last year
- Cobalt Strike HTTPS beaconing over Microsoft Graph API ☆596 Updated 10 months ago
- Awesome AV/EDR/XDR Bypass Tips ☆271 Updated 2 years ago
- shellcode loader for your evasion needs ☆325 Updated 2 weeks ago
- UAC Bypass By Abusing Kerberos Tickets ☆496 Updated last year
- POC exploit for CVE-2024-49138 ☆249 Updated 3 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later! ☆471 Updated last week
- Evasive shellcode loader ☆361 Updated 7 months ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) ☆625 Updated last week
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection ☆290 Updated last year
- AV/EDR Lab environment setup references to help in Malware development ☆380 Updated 2 months ago
- ☆356 Updated 5 months ago
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆551 Updated 4 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS ☆274 Updated last month