Extract Windows credentials directly from VM memory snapshots and virtual disks
☆961Apr 9, 2026Updated last week
Alternatives and similar repositories for VMkatz
Users that are interested in VMkatz are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The samples referenced in my book, Evasive Malware (No starch Press)☆59Feb 20, 2026Updated last month
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆43Dec 7, 2025Updated 4 months ago
- CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP☆22Feb 23, 2025Updated last year
- ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …☆162Jan 3, 2026Updated 3 months ago
- Bypass LSA protection using the BYODLL technique☆178Sep 21, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Dump Kerberos tickets☆46Aug 4, 2025Updated 8 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆74Dec 26, 2025Updated 3 months ago
- Clipboard for Command and Control between VDI, RDP and Others on Windows☆52Dec 7, 2025Updated 4 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆69Jan 13, 2026Updated 3 months ago
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆113Dec 28, 2025Updated 3 months ago
- Disposable, ephemeral network infrastructure powered by GitHub Codespaces.☆102Mar 26, 2026Updated 3 weeks ago
- BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell☆118Apr 6, 2026Updated last week
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑…☆99Mar 10, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆639May 8, 2025Updated 11 months ago
- AdaptixC2 is a highly modular advanced redteam toolkit☆2,969Mar 22, 2026Updated 3 weeks ago
- UDC2 implementation that provides an ICMP C2 channel☆120Nov 24, 2025Updated 4 months ago
- A tool to play with scheduled tasks on Windows, in Rust☆122Nov 1, 2025Updated 5 months ago
- A Pentesters Confluence Keyword Scanner☆17Dec 3, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆348Nov 19, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆217Oct 19, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆150Apr 18, 2025Updated last year
- Nim implementation for sud0Ru's Credential Dumping from SAM/SECURITY Hives Method (a.k.a. SilentHarvest)☆88Apr 4, 2026Updated 2 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver.☆20Jul 6, 2020Updated 5 years ago
- Python based GUI for browsing LDAP☆181Dec 7, 2025Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 8 months ago
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆97Feb 3, 2026Updated 2 months ago
- Tool developed using csharp (.net 4.5) for compressing and encrypting files to shorten transfer times. Supports multi-file compression an…☆14Feb 15, 2024Updated 2 years ago
- 本项目是基于Neo-reGeorg进行二次开发,对PHP木马添加了AES加密,修改了请求体和响应体特征☆91Mar 8, 2024Updated 2 years ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆384Dec 13, 2024Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- ☆69Apr 8, 2026Updated last week
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- What's the Red Team doing to my Linux Box? - BSides Vienna 2024☆17Nov 23, 2024Updated last year
- Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephe…☆555Oct 3, 2025Updated 6 months ago
- Host CLR and run .NET binaries using Rust☆154Dec 23, 2025Updated 3 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆560Nov 23, 2025Updated 4 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆380Mar 31, 2026Updated 2 weeks ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat…☆287Apr 8, 2026Updated last week