sandumjacob / IngressNightmare-POCsView external linksLinks
CVE-2025-1974
☆90Apr 2, 2025Updated 10 months ago
Alternatives and similar repositories for IngressNightmare-POCs
Users that are interested in IngressNightmare-POCs are comparing it to the libraries listed below
Sorting:
- Proof of Concept Exploit for CVE-2024-9465☆30Oct 9, 2024Updated last year
- This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).☆248Mar 26, 2025Updated 10 months ago
- ☆53Mar 25, 2025Updated 10 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆86Mar 6, 2025Updated 11 months ago
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆200Nov 12, 2024Updated last year
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- ☆41Mar 12, 2025Updated 11 months ago
- Advanced test for proxy & waf☆13Feb 10, 2026Updated last week
- PoC for CVE-2025-22457 - A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Pulse Connect Secure, Ivan…☆71Apr 25, 2025Updated 9 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆61Feb 4, 2026Updated last week
- ☆198Mar 28, 2025Updated 10 months ago
- CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)☆42Feb 19, 2025Updated 11 months ago
- Tools for attacking Azure Function Apps☆88Oct 28, 2025Updated 3 months ago
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆395Mar 20, 2025Updated 10 months ago
- Pyload RCE with js2py sandbox escape☆17Oct 26, 2024Updated last year
- Proof of Concept Exploit for CVE-2024-9464☆45Oct 9, 2024Updated last year
- Apache Tomcat 远程代码执行漏洞批量检测脚本(CVE-2025-24813)☆95Apr 2, 2025Updated 10 months ago
- ☆19May 1, 2025Updated 9 months ago
- ☆28Sep 9, 2024Updated last year
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆126Dec 2, 2023Updated 2 years ago
- Dump Kerberos tickets from the KCM database of SSSD☆55Dec 31, 2025Updated last month
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆81Jun 21, 2025Updated 7 months ago
- SANS Workshop: Active Directory Privilege Escalation with Empire!☆35Nov 12, 2025Updated 3 months ago
- ☆40Apr 23, 2025Updated 9 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- WebSocket and SQL Injection Exploit Script☆40Feb 27, 2025Updated 11 months ago
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆131Mar 25, 2025Updated 10 months ago
- sl0ppy-PrivescTaskCreator.ps1☆40Oct 8, 2025Updated 4 months ago
- Automated Active Directory lab running on Proxmox☆88Aug 8, 2025Updated 6 months ago
- SharePoint WebPart Injection Exploit Tool☆311Nov 28, 2025Updated 2 months ago
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 3 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆121Jan 15, 2025Updated last year
- ☆53Aug 11, 2024Updated last year
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆318Mar 27, 2025Updated 10 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆376Jan 23, 2025Updated last year
- A PoC for Early Cascade process injection technique.☆208Jan 30, 2025Updated last year
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆159Jun 19, 2025Updated 7 months ago