A PowerShell script that checks for dangerous ACLs on system hives and shadows
☆28Jul 21, 2021Updated 4 years ago
Alternatives and similar repositories for HiveNightmare-Checker
Users that are interested in HiveNightmare-Checker are comparing it to the libraries listed below
Sorting:
- A cover story generator for people who Need Quick Covers On Operations☆13May 17, 2020Updated 5 years ago
- A dropper that decrypts encrypted xor payload and can inject it in explorer.exe proccess☆10Aug 1, 2021Updated 4 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 2 years ago
- ☆61Aug 30, 2021Updated 4 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆50Aug 30, 2025Updated 6 months ago
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- Exploit for HiveNightmare - CVE-2021–36934☆61Aug 22, 2025Updated 6 months ago
- Tradecraft Development Fundamentals☆40Aug 6, 2021Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 2 years ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- LetMeOutOfYour.net Resources☆21Jul 15, 2020Updated 5 years ago
- Powershell script to emulate the "blast radius" of a ransomware infection.☆28Jul 27, 2021Updated 4 years ago
- Post-exploitation tool for attacking Active Directory domain controllers☆18Dec 18, 2022Updated 3 years ago
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- Zoom Persistence Aggressor and Handler☆55Mar 24, 2021Updated 4 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 4 years ago
- go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…☆49Mar 7, 2023Updated 2 years ago
- ☆13May 24, 2023Updated 2 years ago
- ☆18Dec 12, 2020Updated 5 years ago
- Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly☆90Sep 30, 2024Updated last year
- Microsoft Flow Attack Framework☆23Nov 14, 2019Updated 6 years ago
- Firebase Domain Front Code☆21May 4, 2021Updated 4 years ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely☆38Jan 3, 2020Updated 6 years ago
- ☆53Sep 16, 2021Updated 4 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- ☆53Nov 11, 2021Updated 4 years ago
- A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn☆100Mar 8, 2023Updated 2 years ago
- ☆57May 13, 2020Updated 5 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 3 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- ☆27Jan 16, 2021Updated 5 years ago
- A list of windows potatoes!☆26Mar 6, 2022Updated 3 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- D/Invoke port of UrbanBishop☆30Dec 13, 2020Updated 5 years ago
- Find exposed data in Azure with this public blob scanner☆350Jul 7, 2024Updated last year
- .NET project for installing Persistence☆63Feb 14, 2022Updated 4 years ago
- ☆112Jul 24, 2023Updated 2 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆29Aug 25, 2022Updated 3 years ago