DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
☆478Aug 17, 2024Updated last year
Alternatives and similar repositories for DeadPotato
Users that are interested in DeadPotato are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆651May 8, 2025Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆557May 9, 2025Updated last year
- Fileless atexec, no more need for port 445☆413Mar 28, 2024Updated 2 years ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆498May 16, 2024Updated 2 years ago
- ☆238Oct 8, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆361Nov 19, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆740May 7, 2025Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆366Mar 17, 2026Updated 3 months ago
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆536Nov 14, 2025Updated 7 months ago
- ☆248May 5, 2024Updated 2 years ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆578May 22, 2025Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆702Updated this week
- Collection of UAC Bypass Techniques Weaponized as BOFs☆637Feb 21, 2024Updated 2 years ago
- Process injection alternative☆407Sep 6, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆399Apr 26, 2026Updated 2 months ago
- Sleep obfuscation☆275Dec 13, 2024Updated last year
- ☆387Oct 17, 2025Updated 8 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆251Jun 11, 2024Updated 2 years ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆311Jul 31, 2024Updated last year
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆596Mar 19, 2024Updated 2 years ago
- ☆100Sep 1, 2024Updated last year
- A Windows potato to privesc☆394Aug 26, 2024Updated last year
- ☆2,307Nov 24, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Leverage WindowsApp createdump tool to obtain an lsass dump☆151Sep 20, 2024Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆262Aug 13, 2024Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆387Apr 26, 2025Updated last year
- ☆201Mar 28, 2025Updated last year
- New generation of wmiexec.py☆1,289Apr 26, 2026Updated 2 months ago
- ☆707Nov 7, 2023Updated 2 years ago
- Reflective DLL Injection Made Bella☆249Jan 6, 2025Updated last year
- A BOF that runs unmanaged PEs inline☆702Oct 23, 2024Updated last year
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆593Nov 23, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Generic PE loader for fast prototyping evasion techniques☆247Jul 2, 2024Updated 2 years ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆440Jul 8, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆476Aug 2, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆469Sep 24, 2023Updated 2 years ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆479Nov 2, 2024Updated last year
- Bypass LSA protection using the BYODLL technique☆181Sep 21, 2024Updated last year
- Windows remote execution multitool☆800Mar 25, 2026Updated 3 months ago