☆292Jul 20, 2023Updated 2 years ago
Alternatives and similar repositories for msi-search
Users that are interested in msi-search are comparing it to the libraries listed below
Sorting:
- ☆319Jun 28, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆546Nov 23, 2025Updated 3 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- ☆129Dec 4, 2023Updated 2 years ago
- A set of programs for analyzing common vulnerabilities in COM☆248Sep 8, 2024Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆779Jan 26, 2026Updated last month
- ☆129Jun 28, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- Your syscall factory☆126Jan 13, 2026Updated last month
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- ☆216Mar 26, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Feb 18, 2026Updated 2 weeks ago
- Tools for interacting with authentication packages using their individual message protocols☆403Feb 1, 2026Updated last month
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- UAC Bypass By Abusing Kerberos Tickets☆508Aug 10, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- ☆301Oct 29, 2024Updated last year
- Remote operations commands implemented using Beacon Object Files☆1,120Feb 23, 2026Updated last week
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- ☆152Oct 2, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- ☆162Mar 27, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆521Updated this week
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆586Mar 19, 2024Updated last year
- ☆123Oct 9, 2023Updated 2 years ago