lypd0 / DeadPotato
DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
☆335 Updated 3 months ago
Related projects
Alternatives and complementary repositories for DeadPotato
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly. ☆493 Updated 3 months ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance… ☆306 Updated this week
- Cobalt Strike HTTPS beaconing over Microsoft Graph API ☆551 Updated 4 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆476 Updated 5 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆379 Updated 4 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework ☆517 Updated 4 months ago
- UAC Bypass By Abusing Kerberos Tickets ☆480 Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions ☆410 Updated last week
- Collection of UAC Bypass Techniques Weaponized as BOFs ☆408 Updated 9 months ago
- AMSI bypass payload that works on Windows 11 ☆370 Updated last year
- Escalate Service Account To LocalSystem via Kerberos ☆390 Updated last year
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s… ☆241 Updated 6 months ago
- Evasive shellcode loader ☆283 Updated last month
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS). ☆475 Updated 8 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆542 Updated 4 months ago
- shellcode loader for your evasion needs ☆272 Updated last week
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode. ☆154 Updated 4 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file. ☆239 Updated 3 weeks ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434 ☆242 Updated 3 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver ☆242 Updated 4 months ago
- Materials for the workshop "Red Team Ops: Havoc 101" ☆352 Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆473 Updated last year
- Dump lsass using only NTAPIs running 3 programs to create 3 JSON and 1 ZIP file... and generate the MiniDump later! ☆352 Updated last month
- Bypassing UAC with SSPI Datagram Contexts ☆414 Updated last year
- ☆163 Updated last year
- Simulate the behavior of AV/EDR for malware development training. ☆457 Updated 9 months ago
- Complete list of LPE exploits for Windows (starting from 2023) ☆395 Updated last week
- Go shellcode loader that combines multiple evasion techniques ☆353 Updated last year
- ☆229 Updated last week
- Kill AV/EDR leveraging BYOVD attack ☆309 Updated last year