michaelpoznecki / zerologonLinks
Scan for and exploit the zerologon vulnerability.
☆10Updated 4 years ago
Alternatives and similar repositories for zerologon
Users that are interested in zerologon are comparing it to the libraries listed below
Sorting:
- Convert ldapdomaindump to Bloodhound☆80Updated last year
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆57Updated 3 weeks ago
- This repository presents a proof-of-concept of CVE-2023-22527☆12Updated last year
- Cobalt Strike BOFS☆16Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 3 years ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- ☆52Updated 2 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- A script to automatically dump all URLs present in /server-status to a file locally.☆24Updated 4 months ago
- Secretsdump C# version only supporting local (live) operation☆50Updated 2 months ago
- Simple Python script to sort nuclei scans by severity and URL☆29Updated 2 years ago
- Template Nuclei SSTI☆30Updated last year
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- tool that generates bypasses for open redirects☆52Updated 3 years ago
- A python script to force authentication using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 65).☆25Updated 4 months ago
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆54Updated 3 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆15Updated 3 years ago
- Active Directory share enumeration tool☆11Updated 2 months ago
- Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960☆2Updated 3 years ago
- Modified version of PEAS client for offensive operations☆41Updated 2 years ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆92Updated last year
- ☆52Updated last year
- Tooling for the OffSec Experienced Pentester (OSEP) and OffSec Exploit Developer (OSED) course☆16Updated last year
- Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.☆39Updated last year
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆24Updated 3 years ago
- ☆48Updated 2 years ago
- SAM Dumping in C#☆48Updated 5 months ago
- Used to get NTLMv2 Hashes from SMB☆14Updated 8 months ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.☆53Updated 10 months ago