nccgroup / Change-LockscreenLinks
Offensive tool to trigger network authentications as SYSTEM
☆141Updated 3 years ago
Alternatives and similar repositories for Change-Lockscreen
Users that are interested in Change-Lockscreen are comparing it to the libraries listed below
Sorting:
- ☆139Updated last year
- Koppeling x Metatwin x LazySign☆210Updated 3 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆185Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆137Updated last year
- ☆151Updated 3 months ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆173Updated 3 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆127Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆193Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆256Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆243Updated 3 years ago
- C# version of Powermad☆166Updated last year
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆93Updated last year
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆151Updated 2 years ago
- Tool for interacting with outlook interop during red team engagements☆144Updated 3 years ago
- Some scripts to support with importing large datasets into BloodHound☆80Updated last year
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆104Updated 3 years ago
- ☆123Updated last year
- ☆159Updated 7 months ago
- Remotely enables Restricted Admin Mode☆210Updated 3 years ago
- Find .net assemblies locally☆113Updated 2 years ago
- ☆125Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- POC tools for exploring SMB over QUIC protocol☆125Updated 3 years ago
- Start new PowerShell without etw and amsi in pure nim☆157Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆124Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆142Updated last year
- Hookers are cooler than patches.☆169Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 8 months ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆120Updated 3 years ago