Enumerate information from NTLM authentication enabled web endpoints π
β34Aug 16, 2023Updated 2 years ago
Alternatives and similar repositories for NTLMRecon
Users that are interested in NTLMRecon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilegeβ227Nov 23, 2023Updated 2 years ago
- Parser and reconciliation tooling for large Active Directory environments.β33Feb 18, 2025Updated last year
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation β¦β13Apr 25, 2024Updated last year
- β107Jan 4, 2023Updated 3 years ago
- Extension functionality for the NightHawk operator clientβ27Oct 31, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Click Once + App Domainβ67Feb 23, 2026Updated last month
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networksβ183Aug 16, 2025Updated 8 months ago
- AI-based Ludus range configuration builderβ29May 6, 2025Updated 11 months ago
- DFSCoerce exe revisited version with custom authenticationβ43Jan 13, 2024Updated 2 years ago
- A RunAs clone with the ability to specify the password as an argument.β112Jul 2, 2023Updated 2 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80β21Apr 2, 2025Updated last year
- To audit the security of read-only domain controllersβ119Nov 27, 2023Updated 2 years ago
- AAD related enumeration in Nimβ131Sep 7, 2023Updated 2 years ago
- BOF for C2 frameworkβ44Nov 9, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Weaponized HellsGate/SigFlipβ207Jun 7, 2023Updated 2 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)β210Sep 30, 2024Updated last year
- Rust in-memory dumperβ108Jul 26, 2023Updated 2 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.β133Oct 4, 2024Updated last year
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDRβ21Feb 8, 2024Updated 2 years ago
- OPSEC safe Kerberoasting in C#β198Jun 14, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other obβ¦β484Oct 14, 2022Updated 3 years ago
- Slides and Codes used for the workshop Red Team Infrastructure Automationβ194Apr 14, 2024Updated 2 years ago
- β164Oct 25, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- C# version of NTLMRawUnHideβ72Oct 8, 2022Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilationβ36Dec 7, 2025Updated 4 months ago
- Adjusted version of the impacket-dcomexec script to work against Windows 10β18Oct 13, 2025Updated 6 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.β¦β906Apr 9, 2026Updated last week
- pysnafflerβ111Jan 6, 2026Updated 3 months ago
- πΎDogwalk PoC (using diagcab file to obtain RCE on windows)β78Aug 11, 2022Updated 3 years ago
- Running .NET from VBAβ148Feb 11, 2023Updated 3 years ago
- UAC Bypass By Abusing Kerberos Ticketsβ506Aug 10, 2023Updated 2 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environmentsβ115Feb 13, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Generate password spraying lists based on the pwdLastSet-attribute of users.β55Dec 6, 2023Updated 2 years ago
- Enumerate domain machine accounts and perform pre2k password spraying.β69Jul 14, 2023Updated 2 years ago
- Finding all things on-prem Microsoft for password spraying and enumeration.β257May 17, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraftβ145May 18, 2024Updated last year
- β75Jun 17, 2025Updated 9 months ago
- A LAPS dumper written using the impacket library.β32May 22, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the β¦β569Jun 5, 2023Updated 2 years ago