Alternatives and similar repositories for zerologon:

Users that are interested in zerologon are comparing it to the libraries listed below

• antonioCoco / RoguePotato
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,074Updated 4 years ago
• VoidSec / CVE-2020-1472
  Exploit Code for CVE-2020-1472 aka Zerologon
  ☆382Updated 4 years ago
• ropnop / impacket_static_binaries
  Standalone binaries for Linux/Windows of Impacket's examples
  ☆726Updated last year
• breenmachine / RottenPotatoNG
  New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
  ☆929Updated 7 years ago
• leechristensen / SpoolSample
  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…
  ☆972Updated 9 months ago
• blackarrowsec / mssqlproxy
  mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…
  ☆737Updated 4 years ago
• Kevin-Robertson / Powermad
  PowerShell MachineAccountQuota and DNS exploit tools
  ☆1,287Updated 2 years ago
• dirkjanm / CVE-2020-1472
  PoC for Zerologon - all research credits go to Tom Tervoort of Secura
  ☆1,218Updated 4 years ago
• Mr-Un1k0d3r / SCShell
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,473Updated last year
• cube0x0 / noPac
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆1,362Updated 3 years ago
• safebuffer / sam-the-admin
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆1,007Updated 2 years ago
• b4rtik / SharpKatz
  Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
  ☆994Updated 3 years ago
• CCob / SweetPotato
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,675Updated 6 months ago
• GhostPack / SharpUp
  SharpUp is a C# port of various PowerUp functionality.
  ☆1,321Updated last year
• dirkjanm / krbrelayx
  Kerberos unconstrained delegation abuse toolkit
  ☆1,264Updated last month
• FSecureLABS / SharpGPOAbuse
  SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…
  ☆1,139Updated 4 years ago
• blackarrowsec / redteam-research
  Collection of PoC and offensive techniques used by the BlackArrow Red Team
  ☆1,100Updated 8 months ago
• mandiant / SharPersist
  ☆1,450Updated last year
• dirkjanm / PrivExchange
  Exchange your privileges for Domain Admin privs by abusing Exchange
  ☆1,000Updated 5 years ago
• tevora-threat / SharpView
  C# implementation of harmj0y's PowerView
  ☆1,022Updated last year
• mgeeky / cobalt-arsenal
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,069Updated last year
• RedSiege / C2concealer
  C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
  ☆1,049Updated 8 months ago
• Ridter / noPac
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆851Updated 2 years ago
• itm4n / FullPowers
  Recover the default privilege set of a LOCAL/NETWORK SERVICE account
  ☆603Updated 4 years ago
• bats3c / darkarmour
  Windows AV Evasion
  ☆764Updated 4 years ago
• harleyQu1nn / AggressorScripts
  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
  ☆1,494Updated last year
• dirkjanm / adidnsdump
  Active Directory Integrated DNS dumping by any authenticated user
  ☆984Updated 3 months ago
• klezVirus / CheeseTools
  Self-developed tools for Lateral Movement/Code Execution
  ☆703Updated 3 years ago
• maaaaz / impacket-examples-windows
  The great impacket example scripts compiled for Windows
  ☆946Updated 6 years ago
• fox-it / aclpwn.py
  Active Directory ACL exploitation with BloodHound
  ☆716Updated 3 years ago