rtecCyberSec/SpeechRuntimeMove external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rtecCyberSec/SpeechRuntimeMove

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rtecCyberSec/SpeechRuntimeMove)

Close

rtecCyberSec / SpeechRuntimeMoveView on GitHubMore

• External links
• Readme badge

Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking

☆140Jul 2, 2025Updated 8 months ago

Alternatives and similar repositories for SpeechRuntimeMove

Users that are interested in SpeechRuntimeMove are comparing it to the libraries listed below

• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆154Jul 23, 2025Updated 7 months ago
• maxDcb / DreamWalkers

  View on GitHub
  Reflective shellcode loaderwith advanced call stack spoofing and .NET support.
  ☆230Sep 19, 2025Updated 6 months ago
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆214Jan 30, 2025Updated last year
• 3lp4tr0n / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆201Nov 4, 2025Updated 4 months ago
• warpnet / MS-RPC-Fuzzer

  View on GitHub
  Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…
  ☆326Oct 20, 2025Updated 5 months ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆193Oct 29, 2025Updated 4 months ago
• xpn / adfstoolkit

  View on GitHub
  ☆38Jan 7, 2025Updated last year
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆195Nov 27, 2024Updated last year
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆276Dec 27, 2024Updated last year
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 11 months ago
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆249Sep 8, 2024Updated last year
• dmcxblue / AzureFunctionRedirector

  View on GitHub
  ☆49Apr 9, 2025Updated 11 months ago
• 0xJs / BYOVD_read_write_primitive

  View on GitHub
  Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
  ☆211Aug 21, 2025Updated 7 months ago
• T3nb3w / ComDotNetExploit

  View on GitHub
  A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …
  ☆335Mar 6, 2025Updated last year
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆271Dec 13, 2024Updated last year
• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20Feb 20, 2026Updated last month
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆274Jul 1, 2025Updated 8 months ago
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• Mr-Un1k0d3r / DotnetNoVirtualProtectShellcodeLoader

  View on GitHub
  load shellcode without P/D Invoke and VirtualProtect call.
  ☆169Sep 2, 2025Updated 6 months ago
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Jun 18, 2022Updated 3 years ago
• SlimeOnSecurity / PrintSpoofer-BOF

  View on GitHub
  ☆52May 4, 2025Updated 10 months ago
• AlmondOffSec / DCOMRunAs

  View on GitHub
  Lateral movement with DCOM DLL hijacking
  ☆176Jul 4, 2025Updated 8 months ago
• RalfHacker / Kerbeus-BOF

  View on GitHub
  BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
  ☆554Nov 23, 2025Updated 3 months ago
• voidvxvi / EnableAllTokenPrivs

  View on GitHub
  Enable or Disable TokenPrivilege(s)
  ☆15May 17, 2024Updated last year
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆164May 5, 2025Updated 10 months ago
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆174Sep 3, 2025Updated 6 months ago
• warpnet / COM-Fuzzer

  View on GitHub
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆157Nov 23, 2025Updated 3 months ago
• dobin / RedEdr

  View on GitHub
  Collect Windows telemetry for Maldev
  ☆464Jan 30, 2026Updated last month
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆216Oct 19, 2024Updated last year
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆285Feb 8, 2025Updated last year
• rtecCyberSec / BitlockMove

  View on GitHub
  Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
  ☆438Jun 27, 2025Updated 8 months ago
• dmcxblue / AzureStrike

  View on GitHub
  An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations
  ☆62Aug 18, 2025Updated 7 months ago
• Macmod / ldapx

  View on GitHub
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆195Feb 16, 2026Updated last month
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated 10 months ago
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆184Nov 28, 2024Updated last year
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆139Apr 6, 2025Updated 11 months ago
• temp43487580 / EntraPassTheCert

  View on GitHub
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆136Aug 23, 2025Updated 6 months ago
• joaoviictorti / rustclr

  View on GitHub
  Host CLR and run .NET binaries using Rust
  ☆153Dec 23, 2025Updated 2 months ago