nettitude / MalSCCM
☆245Updated last year
Alternatives and similar repositories for MalSCCM:
Users that are interested in MalSCCM are comparing it to the libraries listed below
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆120Updated 3 years ago
- ☆147Updated last month
- ☆157Updated 4 months ago
- OPSEC safe Kerberoasting in C#☆190Updated 2 years ago
- GolenGMSA tool for working with GMSA passwords☆139Updated 11 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆252Updated last year
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆226Updated 3 years ago
- Koppeling x Metatwin x LazySign☆206Updated 3 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆171Updated 2 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆121Updated 3 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆320Updated last year
- ADCS cert template modification and ACL enumeration☆135Updated last year
- ☆116Updated last year
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆176Updated 2 years ago
- ACL abuse swiss-knife☆119Updated 2 years ago
- Beacon Object File & C# project to check LDAP signing☆184Updated 7 months ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆151Updated 2 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆119Updated 2 years ago
- C# version of Powermad☆160Updated last year
- ☆96Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆125Updated last year
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆169Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆296Updated 2 years ago
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆215Updated 4 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆91Updated last year
- MS-FSRVP coercion abuse PoC☆285Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆152Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆193Updated 2 months ago
- Retrieve AD accounts description and search for password in it☆83Updated 2 years ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆166Updated 6 months ago