praetorian-inc / NTLMReconView external linksLinks
A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
☆106Dec 11, 2023Updated 2 years ago
Alternatives and similar repositories for NTLMRecon
Users that are interested in NTLMRecon are comparing it to the libraries listed below
Sorting:
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆18Jul 2, 2021Updated 4 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- ☆40Oct 8, 2024Updated last year
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆259May 10, 2023Updated 2 years ago
- ☆16Dec 7, 2025Updated 2 months ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆93Mar 8, 2023Updated 2 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆178Feb 14, 2023Updated 3 years ago
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- A python based script to update DNS entries in ADIDNS☆43Apr 12, 2024Updated last year
- CVE-2013-4786 Go exploitation tool☆40Nov 18, 2025Updated 2 months ago
- Red Team Coin for crypto-mining operations.☆23Jan 12, 2026Updated last month
- Tool to extract username and password of current user from PanGPA in plaintext☆89Dec 23, 2024Updated last year
- ☆26Aug 5, 2025Updated 6 months ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- A simple reverse ssh/proxy implant PoC for *nix systems.☆57Jul 5, 2024Updated last year
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆504Sep 23, 2025Updated 4 months ago
- C# Tool to interact with MS Exchange based on MS docs☆102Dec 7, 2022Updated 3 years ago
- ☆15Jan 26, 2023Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- ☆319Jun 28, 2023Updated 2 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆514Feb 1, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆42Sep 23, 2025Updated 4 months ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆260Feb 21, 2025Updated 11 months ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 10 months ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Golang Shlyuz Implant Implementation☆13May 23, 2025Updated 8 months ago
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆75Oct 27, 2025Updated 3 months ago
- DPAPI looting remotely and locally in Python☆540Oct 7, 2025Updated 4 months ago
- ☆129Mar 1, 2023Updated 2 years ago
- Tool for efficient directory enumeration☆65Jan 27, 2026Updated 2 weeks ago
- ADCS cert template modification and ACL enumeration☆144Jun 26, 2023Updated 2 years ago