roobixx / EventLogForRedTeamsLinks
Simple PoC from Malicious Payload Injection from Windows Event Log Entry
☆28Updated 3 years ago
Alternatives and similar repositories for EventLogForRedTeams
Users that are interested in EventLogForRedTeams are comparing it to the libraries listed below
Sorting:
- A module for CME that spiders across a domain.☆35Updated 3 years ago
- Retrieve AD accounts description and search for password in it☆83Updated 3 years ago
- ☆85Updated 2 years ago
- Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.☆84Updated 2 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆93Updated 2 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆51Updated 3 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆88Updated 2 years ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Updated 4 years ago
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- ☆43Updated 3 years ago
- Golang search engine scraper intended for identification of published ClickOnce deployments☆86Updated 10 months ago
- Some scripts to support with importing large datasets into BloodHound☆81Updated last year
- ☆44Updated last year
- A technique for Active Directory domain persistence☆39Updated 2 years ago
- ☆35Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆129Updated 2 years ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆95Updated 2 years ago
- ☆39Updated last year
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆35Updated 3 years ago
- Weaponising C# - Fundamentals Training Content☆70Updated 4 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆42Updated 6 months ago
- Windows Persistence Toolkit in C#☆37Updated 3 years ago
- My BloodHound custom queries☆25Updated 2 years ago
- ☆73Updated 3 months ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 3 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆120Updated 3 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Updated 2 years ago
- Slide decks and/or materials from conference presentations☆56Updated 2 years ago