Python library and client for token manipulations and impersonations for privilege escalation on Windows
☆125Nov 14, 2022Updated 3 years ago
Alternatives and similar repositories for pytmipe
Users that are interested in pytmipe are comparing it to the libraries listed below
Sorting:
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆454Dec 23, 2020Updated 5 years ago
- wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")☆373Feb 27, 2023Updated 3 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- Sustainable shellcode evasion☆112Dec 11, 2024Updated last year
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Nov 29, 2020Updated 5 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆402Jun 6, 2020Updated 5 years ago
- ☆667Nov 17, 2021Updated 4 years ago
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆86Mar 9, 2021Updated 4 years ago
- Windows active user credential phishing tool☆283Mar 10, 2020Updated 5 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆398Aug 15, 2025Updated 6 months ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆311Nov 29, 2023Updated 2 years ago
- Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.☆191Mar 4, 2021Updated 5 years ago
- Microsoft Applocker evasion tool☆39Nov 26, 2019Updated 6 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆614Aug 15, 2025Updated 6 months ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Feb 23, 2022Updated 4 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆64Nov 22, 2019Updated 6 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- A simple COM server which provides a component to run shellcode☆149May 12, 2020Updated 5 years ago
- Unfixed Windows PowerShell Filename Code Execution POC☆41Dec 26, 2023Updated 2 years ago
- DInvisibleRegistry☆83Nov 20, 2020Updated 5 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆611Feb 16, 2023Updated 3 years ago
- ☆18Aug 19, 2021Updated 4 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Obfuscate powershell scripts by replacing Function names, Variables and Parameters.☆522Nov 26, 2022Updated 3 years ago
- Run Powershell without software restrictions.☆281Sep 8, 2021Updated 4 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Execute PowerShell code at the antimalware-light protection level.☆142Dec 13, 2022Updated 3 years ago
- ☆113Aug 5, 2020Updated 5 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆524Feb 1, 2022Updated 4 years ago