Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
☆126Sep 12, 2024Updated last year
Alternatives and similar repositories for msiscan
Users that are interested in msiscan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆100Sep 1, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Apr 15, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆640May 8, 2025Updated 10 months ago
- ☆234Oct 8, 2024Updated last year
- ☆126Sep 1, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- Abusing Azure services over C2☆367Jan 20, 2026Updated 2 months ago
- ☆79Aug 5, 2024Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆230Oct 6, 2024Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- ☆121Nov 21, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆347Nov 19, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆324Jun 18, 2023Updated 2 years ago
- CaptainCredz is a modular and discreet password-spraying tool.☆134Jul 22, 2025Updated 8 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆301Jul 31, 2024Updated last year
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- ☆206May 29, 2024Updated last year
- A BOF that runs unmanaged PEs inline☆685Oct 23, 2024Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- A dotnet executable to get an Entra token in an authenticated runtime☆17Oct 30, 2024Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆266Nov 22, 2025Updated 4 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆276Dec 27, 2024Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- A BloodHound collector for Microsoft Configuration Manager☆393Jul 7, 2025Updated 8 months ago
- ForsHops☆153Mar 25, 2025Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆326Oct 20, 2025Updated 5 months ago
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆361Aug 11, 2024Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Feb 9, 2024Updated 2 years ago
- ☆108Aug 21, 2024Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year