Code and data for our paper "Onelogon: Taking over Active Directory Accounts via Netlogon" (WOOT’26).
☆107Jun 22, 2026Updated 3 weeks ago
Alternatives and similar repositories for onelogon
Users that are interested in onelogon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dump TGTs remotely and convert Windows' klist binary output to ccache.☆80Jun 30, 2026Updated 2 weeks ago
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- Proof-of-Concept tool to dump trusted domain objects☆44May 14, 2026Updated 2 months ago
- goLoL is a Windows host scanner with dual support for LOLBAS binaries and LOLDrivers. It lists LOLBAS techniques runnable at your current…☆66Jun 28, 2026Updated 2 weeks ago
- Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs☆134Mar 26, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Multi-architecture Linux privilege escalation toolkit with 24 pre-built and runtime-compilable exploits. Auto-detects kernel version, fil…☆303Jul 7, 2026Updated last week
- Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support☆82Jun 10, 2026Updated last month
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.☆204Jun 13, 2026Updated last month
- Proof of concept for Kerberos Armoring abuse.☆86Dec 12, 2025Updated 7 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 7 months ago
- A stealthy and modular Windows loader designed to bypass modern EDR solutions using Module Stomping, Stack Duplication, and Advanced Slee…☆66Updated this week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 2 weeks ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- NTLM Relaying to generic web services with NTLM authentication☆77Mar 20, 2026Updated 3 months ago
- CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)☆207Jun 2, 2026Updated last month
- Extract DPAPI CREDHIST and Masterkey hashes☆21May 28, 2026Updated last month
- This is a collection of proof-of-concept exploits for various targets.☆42Jun 10, 2026Updated last month
- Windows SSH Misconfiguration Discovery Tool - Map lateral movement paths through misconfigured SSH services in Active Directory environme…☆88May 11, 2026Updated 2 months ago
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 2 weeks ago
- kerberos in rust for fun and profit☆70Mar 13, 2026Updated 4 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆53Apr 17, 2026Updated 2 months ago
- WasmForge — compile Go and C# programs to single-binary, WASM-sandboxed native executables with polymorphic output.☆99Jun 24, 2026Updated 2 weeks ago
- A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.☆300Jun 13, 2026Updated last month
- Opengraph-Compatible JSON Generator for BloodHound☆29Mar 30, 2026Updated 3 months ago
- A Python POC for CRED1 over SOCKS5☆172Oct 5, 2024Updated last year
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- ☆42Jul 1, 2026Updated last week
- Extract Windows credentials directly from VM memory snapshots and virtual disks☆1,415Jun 7, 2026Updated last month
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Automating the MITM attack on WSUS☆378Jul 4, 2026Updated last week
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆370Dec 13, 2025Updated 7 months ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- Another BYOVD process killer. works on all EDR's. fully signed.☆285May 19, 2026Updated last month
- ☆198Jun 11, 2026Updated last month
- psexecsvc - a python implementation of PSExec's native service implementation☆307Mar 24, 2026Updated 3 months ago
- Adaptix C2 extender to support Cobalt Strike Malleable C2 profiles☆47Jun 28, 2026Updated 2 weeks ago