nettitude / MalSCCMLinks
☆250Updated last year
Alternatives and similar repositories for MalSCCM
Users that are interested in MalSCCM are comparing it to the libraries listed below
Sorting:
- GolenGMSA tool for working with GMSA passwords☆163Updated this week
- ☆155Updated 6 months ago
- OPSEC safe Kerberoasting in C#☆192Updated 3 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆124Updated 3 years ago
- ☆184Updated 9 months ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆176Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258Updated 2 years ago
- Start new PowerShell without etw and amsi in pure nim☆156Updated 3 years ago
- Beacon Object File & C# project to check LDAP signing☆193Updated last year
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆130Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆232Updated 3 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆178Updated 2 years ago
- ADCS cert template modification and ACL enumeration☆142Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆139Updated last year
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆153Updated 2 years ago
- Run Powershell without software restrictions.☆284Updated 3 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆120Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆188Updated 3 years ago
- Koppeling x Metatwin x LazySign☆214Updated 4 years ago
- Simple C# implementation of PowerUpSQL☆94Updated last year
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆228Updated 4 years ago
- Remotely enables Restricted Admin Mode☆211Updated 3 years ago
- Fully modular persistence framework☆256Updated 2 years ago
- ACL abuse swiss-knife☆125Updated 2 years ago
- Cortex XDR Config Extractor☆133Updated 2 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆209Updated last year
- Powershell version of SharpGPOAbuse☆85Updated 4 years ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆86Updated 3 years ago
- MS-FSRVP coercion abuse PoC☆297Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆300Updated 2 years ago