Python library and client for token manipulations and impersonations for privilege escalation on Windows
☆124Nov 14, 2022Updated 3 years ago
Alternatives and similar repositories for pytmipe
Users that are interested in pytmipe are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆456Dec 23, 2020Updated 5 years ago
- wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")☆371Feb 27, 2023Updated 3 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Nov 29, 2020Updated 5 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Remotely enables Restricted Admin Mode☆214Sep 3, 2021Updated 4 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆195Jul 26, 2020Updated 5 years ago
- ☆669Nov 17, 2021Updated 4 years ago
- Basic Dart reverse shell code☆21Nov 10, 2023Updated 2 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Silent Cleanup UAC Bypass POC☆11Dec 15, 2019Updated 6 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆406Jun 6, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique☆91Jul 19, 2022Updated 3 years ago
- Obfuscate powershell scripts by replacing Function names, Variables and Parameters.☆522Nov 26, 2022Updated 3 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆87Mar 9, 2021Updated 5 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆219May 3, 2023Updated 3 years ago
- Sustainable shellcode evasion☆113May 13, 2026Updated 2 weeks ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆638Aug 15, 2025Updated 9 months ago
- ☆18Aug 19, 2021Updated 4 years ago
- Windows active user credential phishing tool☆284Mar 10, 2020Updated 6 years ago
- Pass the Hash to a named pipe for token Impersonation☆310Nov 29, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 3 years ago
- Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.☆193Mar 4, 2021Updated 5 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,457Dec 18, 2022Updated 3 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆615Feb 16, 2023Updated 3 years ago
- Python3 Websocket AND http proxy☆43Dec 18, 2022Updated 3 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆143Feb 23, 2022Updated 4 years ago
- Active Directory ACL exploitation with BloodHound☆762Nov 18, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆447Jan 25, 2023Updated 3 years ago
- DInvisibleRegistry☆83Nov 20, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆236Oct 18, 2022Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,638Jul 10, 2023Updated 2 years ago
- Dll that can be used for side loading and other attack vector.☆205Sep 17, 2020Updated 5 years ago
- Run Powershell without software restrictions.☆282Sep 8, 2021Updated 4 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆404Aug 15, 2025Updated 9 months ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Finding SSL Blindspots for Red Teams☆34Jul 28, 2020Updated 5 years ago