ozelis / winrmexecLinks
Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth
☆16Updated last month
Alternatives and similar repositories for winrmexec
Users that are interested in winrmexec are comparing it to the libraries listed below
Sorting:
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆115Updated 2 months ago
- ☆219Updated 7 months ago
- ☆136Updated last month
- ☆29Updated 9 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆161Updated last month
- Adversary Emulation Framework☆108Updated 10 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆302Updated 6 months ago
- ☆203Updated last year
- ☆85Updated 4 months ago
- Active Directory Authentication Library☆73Updated last month
- ☆180Updated 2 months ago
- Execute commands interactively on remote Windows machines using the WinRM protocol☆63Updated this week
- A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec☆16Updated 8 months ago
- 🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.☆68Updated last month
- Windows Privilege Escalation☆17Updated 2 years ago
- Cobalt Strike BOF for evasive .NET assembly execution☆249Updated 2 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 3 months ago
- A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …☆104Updated this week
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆165Updated 2 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆200Updated 7 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆170Updated 2 weeks ago
- ☆164Updated 10 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆149Updated 8 months ago
- ☆61Updated 4 months ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆303Updated last week
- ☆226Updated last year
- Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…☆16Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆139Updated 2 months ago
- Ghosting-AMSI☆180Updated last month
- A Python POC for CRED1 over SOCKS5☆149Updated 8 months ago