Enumerate information from NTLM authentication enabled web endpoints π
β34Aug 16, 2023Updated 2 years ago
Alternatives and similar repositories for NTLMRecon
Users that are interested in NTLMRecon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilegeβ226Nov 23, 2023Updated 2 years ago
- Parser and reconciliation tooling for large Active Directory environments.β33Feb 18, 2025Updated last year
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation β¦β13Apr 25, 2024Updated last year
- β107Jan 4, 2023Updated 3 years ago
- Extension functionality for the NightHawk operator clientβ26Oct 31, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off β’ AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Click Once + App Domainβ67Feb 23, 2026Updated last month
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networksβ182Aug 16, 2025Updated 7 months ago
- AI-based Ludus range configuration builderβ29May 6, 2025Updated 10 months ago
- DFSCoerce exe revisited version with custom authenticationβ42Jan 13, 2024Updated 2 years ago
- A RunAs clone with the ability to specify the password as an argument.β112Jul 2, 2023Updated 2 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80β21Apr 2, 2025Updated 11 months ago
- To audit the security of read-only domain controllersβ118Nov 27, 2023Updated 2 years ago
- AAD related enumeration in Nimβ131Sep 7, 2023Updated 2 years ago
- BOF for C2 frameworkβ44Nov 9, 2024Updated last year
- Proton VPN Special Offer - Get 70% off β’ AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Weaponized HellsGate/SigFlipβ204Jun 7, 2023Updated 2 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)β211Sep 30, 2024Updated last year
- Rust in-memory dumperβ108Jul 26, 2023Updated 2 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.β133Oct 4, 2024Updated last year
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDRβ21Feb 8, 2024Updated 2 years ago
- OPSEC safe Kerberoasting in C#β198Jun 14, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other obβ¦β483Oct 14, 2022Updated 3 years ago
- Slides and Codes used for the workshop Red Team Infrastructure Automationβ193Apr 14, 2024Updated last year
- β163Oct 25, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- C# version of NTLMRawUnHideβ72Oct 8, 2022Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilationβ38Dec 7, 2025Updated 3 months ago
- Adjusted version of the impacket-dcomexec script to work against Windows 10β17Oct 13, 2025Updated 5 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.β¦β901Mar 11, 2026Updated 2 weeks ago
- pysnafflerβ110Jan 6, 2026Updated 2 months ago
- πΎDogwalk PoC (using diagcab file to obtain RCE on windows)β78Aug 11, 2022Updated 3 years ago
- Running .NET from VBAβ148Feb 11, 2023Updated 3 years ago
- UAC Bypass By Abusing Kerberos Ticketsβ506Aug 10, 2023Updated 2 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environmentsβ113Feb 13, 2022Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean β’ AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Generate password spraying lists based on the pwdLastSet-attribute of users.β55Dec 6, 2023Updated 2 years ago
- Enumerate domain machine accounts and perform pre2k password spraying.β69Jul 14, 2023Updated 2 years ago
- Finding all things on-prem Microsoft for password spraying and enumeration.β257May 17, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraftβ145May 18, 2024Updated last year
- β74Jun 17, 2025Updated 9 months ago
- A LAPS dumper written using the impacket library.β32May 22, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the β¦β568Jun 5, 2023Updated 2 years ago