secureworks / whiskeysamlandfriendsView external linksLinks
GoldenSAML Attack Libraries and Framework
☆77Jun 5, 2024Updated last year
Alternatives and similar repositories for whiskeysamlandfriends
Users that are interested in whiskeysamlandfriends are comparing it to the libraries listed below
Sorting:
- ☆410Updated this week
- ☆23Nov 13, 2021Updated 4 years ago
- Test Azure environment for MFA misconfigurations☆12Jan 13, 2023Updated 3 years ago
- ☆376Aug 7, 2023Updated 2 years ago
- "Golden" certificates☆710Aug 17, 2024Updated last year
- ☆34Apr 5, 2017Updated 8 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Dec 1, 2022Updated 3 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)☆194Jul 7, 2021Updated 4 years ago
- ☆118Jun 2, 2021Updated 4 years ago
- ADCS abuser☆313Feb 6, 2023Updated 3 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- OPSEC safe Kerberoasting in C#☆198Jun 14, 2022Updated 3 years ago
- ☆209Feb 24, 2022Updated 3 years ago
- Inspired by gowitness and EyeWitness☆15Mar 11, 2025Updated 11 months ago
- ☆160Feb 8, 2025Updated last year
- Check if MS-RPRN is remotely available with powershell/c#☆179Oct 21, 2018Updated 7 years ago
- ☆33Feb 26, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- Industrial Control Systems Network Protocol Parsers☆189Sep 4, 2025Updated 5 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆337Feb 23, 2024Updated last year
- ☆14Dec 11, 2025Updated 2 months ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆95May 9, 2023Updated 2 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆257Dec 2, 2021Updated 4 years ago
- Just another casual shellcode native loader☆25Feb 3, 2022Updated 4 years ago
- Payload designed for targeting Jamf enrolled devices.☆39May 19, 2023Updated 2 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆276Jan 13, 2022Updated 4 years ago
- ☆199Jan 30, 2026Updated 2 weeks ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆89Feb 16, 2022Updated 4 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆277Jan 28, 2025Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆863Mar 20, 2023Updated 2 years ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆366Dec 23, 2025Updated last month
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆25May 23, 2022Updated 3 years ago
- Proof-of-concept tools for my AD Forest trust research☆232Jun 10, 2024Updated last year
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆92Nov 23, 2022Updated 3 years ago
- ☆27Feb 3, 2026Updated 2 weeks ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely☆38Jan 3, 2020Updated 6 years ago
- Tool to find and extract credentials from phone configuration files hosted on CUCM☆104May 4, 2019Updated 6 years ago
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago