Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
☆127Sep 12, 2024Updated last year
Alternatives and similar repositories for msiscan
Users that are interested in msiscan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆100Sep 1, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆108Jan 24, 2024Updated 2 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Apr 15, 2024Updated 2 years ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆651May 8, 2025Updated last year
- ☆238Oct 8, 2024Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆127Sep 1, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆218Oct 19, 2024Updated last year
- ☆80Aug 5, 2024Updated last year
- Abusing Azure services over C2☆376Jan 20, 2026Updated 5 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆240Feb 12, 2025Updated last year
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆233Oct 6, 2024Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated 2 years ago
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆134Oct 4, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆122Nov 21, 2024Updated last year
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆285Sep 18, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆327Jun 18, 2023Updated 3 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆361Nov 19, 2024Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆311Jul 31, 2024Updated last year
- CaptainCredz is a modular and discreet password-spraying tool.☆138Jun 24, 2026Updated last week
- A Python POC for CRED1 over SOCKS5☆172Oct 5, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆208May 29, 2024Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆702Oct 23, 2024Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- A dotnet executable to get an Entra token in an authenticated runtime☆17Oct 30, 2024Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆272Nov 22, 2025Updated 7 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆312Mar 28, 2026Updated 3 months ago
- ForsHops☆154Mar 25, 2025Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆346May 4, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A BloodHound collector for Microsoft Configuration Manager☆401Jul 7, 2025Updated 11 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆360Aug 11, 2024Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Feb 9, 2024Updated 2 years ago
- ☆111Aug 21, 2024Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year