puzzlepeaches / NTLMRecon

Related projects: ⓘ

• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆71Updated last year
• weaselsec / ClickOnce-AppDomain-Manager-Injection
  Click Once + App Domain
  ☆61Updated 9 months ago
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆85Updated 7 months ago
• antroguy / LocklessBof
  Lockless BOF
  ☆62Updated 7 months ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆60Updated last year
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆74Updated 3 months ago
• deh00ni / NtDumpBOF
  ☆79Updated 2 weeks ago
• securityandstuff / DynamicFinder
  ☆65Updated this week
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• Leo4j / KeyCredentialLink
  Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute
  ☆19Updated 3 months ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆71Updated 5 months ago
• xpn / CloudInject
  ☆101Updated 4 months ago
• t94j0 / adexplorersnapshot-rs
  ☆65Updated last month
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆47Updated last year
• leftp / DPAPISnoop
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆129Updated this week
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆47Updated last year
• h4wkst3r / SharPersist
  Windows Persistence Toolkit in C#
  ☆34Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆117Updated 10 months ago
• nettitude / SharpConflux
  ☆63Updated 6 months ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated last year
• wotwot563 / aad_prt_bof
  ☆64Updated 5 months ago
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆12Updated 2 years ago
• xforcered / BOFMask
  ☆116Updated last year
• morRubin / NegoExRelay
  ☆83Updated 2 years ago
• danti1988 / adcshunter
  Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
  ☆75Updated this week
• dru1d-foofus / GetLAPSPassword
  A LAPS dumper written using the impacket library.
  ☆29Updated last year
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆69Updated 7 months ago
• 0xe7 / RoastInTheMiddle
  ☆69Updated 10 months ago
• rasta-mouse / SpawnWith
  ☆90Updated 6 months ago
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆34Updated last week