Alternatives and similar repositories for zerologon

Users that are interested in zerologon are comparing it to the libraries listed below

• dirkjanm / CVE-2020-1472

  View on GitHub
  PoC for Zerologon - all research credits go to Tom Tervoort of Secura
  ☆1,277Nov 3, 2020Updated 5 years ago
• bvcyber / CVE-2020-1472

  View on GitHub
  Test tool for CVE-2020-1472
  ☆1,804Jun 27, 2025Updated 7 months ago
• VoidSec / CVE-2020-1472

  View on GitHub
  Exploit Code for CVE-2020-1472 aka Zerologon
  ☆393Nov 5, 2020Updated 5 years ago
• cube0x0 / noPac

  View on GitHub
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆1,397Dec 16, 2021Updated 4 years ago
• Ridter / noPac

  View on GitHub
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆973Jan 29, 2023Updated 3 years ago
• cube0x0 / CVE-2021-1675

  View on GitHub
  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
  ☆1,962Jul 20, 2021Updated 4 years ago
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,808Sep 4, 2024Updated last year
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,148Jan 9, 2021Updated 5 years ago
• safebuffer / sam-the-admin

  View on GitHub
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆1,040Jul 10, 2022Updated 3 years ago
• b4rtik / SharpKatz

  View on GitHub
  Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
  ☆1,012Nov 7, 2021Updated 4 years ago
• rootclay / WMIHACKER

  View on GitHub
  A Bypass Anti-virus Software Lateral Movement Command Execution Tool
  ☆1,465Jan 20, 2025Updated last year
• timwhitez / Cobalt-Strike-Aggressor-Scripts

  View on GitHub
  Cobalt Strike Aggressor 插件包
  ☆672Aug 31, 2021Updated 4 years ago
• bats3c / ADCSPwn

  View on GitHub
  A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…
  ☆863Mar 20, 2023Updated 2 years ago
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,255Jan 5, 2026Updated last month
• GhostPack / Rubeus

  View on GitHub
  Trying to tame the three-headed dog.
  ☆4,869Nov 14, 2025Updated 3 months ago
• topotam / PetitPotam

  View on GitHub
  PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
  ☆2,175Aug 15, 2024Updated last year
• Kevin-Robertson / Powermad

  View on GitHub
  PowerShell MachineAccountQuota and DNS exploit tools
  ☆1,428Jan 11, 2023Updated 3 years ago
• dirkjanm / krbrelayx

  View on GitHub
  Kerberos relaying and unconstrained delegation abuse toolkit
  ☆1,526Jan 27, 2025Updated last year
• cbwang505 / CVE-2020-0787-EXP-ALL-WINDOWS-VERSION

  View on GitHub
  Support ALL Windows Version
  ☆722Sep 11, 2020Updated 5 years ago
• gloxec / CrossC2

  View on GitHub
  generate CobaltStrike's cross-platform payload
  ☆2,540Nov 20, 2023Updated 2 years ago
• ohpe / juicy-potato

  View on GitHub
  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…
  ☆2,729Dec 18, 2021Updated 4 years ago
• uknowsec / SweetPotato

  View on GitHub
  Modifying SweetPotato to support load shellcode and webshell
  ☆787Jun 2, 2021Updated 4 years ago
• bb00 / zer0dump

  View on GitHub
  Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.
  ☆181Mar 2, 2023Updated 2 years ago
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,069Sep 17, 2024Updated last year
• zcgonvh / EfsPotato

  View on GitHub
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆817Dec 14, 2023Updated 2 years ago
• FuzzySecurity / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆831Dec 2, 2023Updated 2 years ago
• ropnop / kerbrute

  View on GitHub
  A tool to perform Kerberos pre-auth bruteforcing
  ☆3,236Aug 20, 2024Updated last year
• danigargu / CVE-2020-0796

  View on GitHub
  CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
  ☆1,348Dec 7, 2020Updated 5 years ago
• calebstewart / CVE-2021-1675

  View on GitHub
  Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
  ☆1,087Jul 5, 2021Updated 4 years ago
• dirkjanm / BloodHound.py

  View on GitHub
  A Python based ingestor for BloodHound
  ☆2,335Oct 24, 2025Updated 3 months ago
• dirkjanm / PKINITtools

  View on GitHub
  Tools for Kerberos PKINIT and relaying to AD CS
  ☆874Jan 3, 2025Updated last year
• uknowsec / SharpSQLTools

  View on GitHub
  SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
  ☆965Aug 5, 2021Updated 4 years ago
• login-securite / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆2,176Dec 24, 2025Updated last month
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,438Dec 18, 2022Updated 3 years ago
• fortra / impacket

  View on GitHub
  Impacket is a collection of Python classes for working with network protocols.
  ☆15,433Feb 5, 2026Updated last week
• breenmachine / RottenPotatoNG

  View on GitHub
  New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
  ☆967Dec 29, 2017Updated 8 years ago
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,098Apr 19, 2023Updated 2 years ago
• blackarrowsec / redteam-research

  View on GitHub
  Collection of PoC and offensive techniques used by the BlackArrow Red Team
  ☆1,145Jul 19, 2024Updated last year
• ly4k / SpoolFool

  View on GitHub
  Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
  ☆797Feb 9, 2022Updated 4 years ago