LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.
☆123Jan 27, 2020Updated 6 years ago
Alternatives and similar repositories for LogonCredentialsSteal
Users that are interested in LogonCredentialsSteal are comparing it to the libraries listed below
Sorting:
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- malware written for educational purposes☆71Dec 31, 2025Updated 2 months ago
- UAC Bypass By Abusing Kerberos Tickets☆507Aug 10, 2023Updated 2 years ago
- ☆180Feb 3, 2021Updated 5 years ago
- A simple reverse ssh/proxy implant PoC for *nix systems.☆57Jul 5, 2024Updated last year
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- A Simple PoC☆22May 24, 2024Updated last year
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…☆26Feb 29, 2024Updated 2 years ago
- Simple reverse ICMP shell☆14Apr 30, 2024Updated last year
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 7 months ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- ☆84Aug 26, 2024Updated last year
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆99Mar 25, 2025Updated 11 months ago
- Tool to create hidden registry keys.☆492Oct 23, 2019Updated 6 years ago
- Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.☆191Mar 4, 2021Updated 5 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆435Dec 21, 2023Updated 2 years ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 2 months ago
- .NET Project for performing Authenticated Remote Execution☆405Feb 8, 2023Updated 3 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆122May 29, 2024Updated last year
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆537Nov 14, 2025Updated 3 months ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆332May 3, 2020Updated 5 years ago
- C# application that allows you to quick run SSH commands against a host or list of hosts☆42Sep 21, 2020Updated 5 years ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,607Jul 10, 2023Updated 2 years ago
- TCP Port Redirection Utility☆762Jan 31, 2023Updated 3 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- ☆12Feb 19, 2026Updated 2 weeks ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆370Apr 19, 2023Updated 2 years ago
- SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 st…☆200Jan 23, 2020Updated 6 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- C or BOF file to extract WebKit master key to decrypt user cookie☆207Apr 29, 2024Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆266Feb 22, 2025Updated last year