sensepost / goLAPS
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
☆81Updated last month
Alternatives and similar repositories for goLAPS:
Users that are interested in goLAPS are comparing it to the libraries listed below
- Active Directory Authentication Library☆62Updated last week
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆161Updated 4 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆136Updated 2 months ago
- Tool to extract username and password of current user from PanGPA in plaintext☆83Updated 3 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆145Updated 11 months ago
- Inject RDPThief into memory with PowerShell.☆62Updated 2 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆65Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆86Updated 9 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆113Updated 2 weeks ago
- Source code and examples for PassiveAggression☆55Updated 10 months ago
- ☆55Updated 5 months ago
- Morpheus is a memory dumper that extracts lsass.exe in RAM and exfiltrates it via forged NTP packets. It uses RC4 encryption and Reed-Sol…☆88Updated last week
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆75Updated 5 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆109Updated 3 months ago
- Our Tips&Tricks☆115Updated 2 months ago
- ☆54Updated 2 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆136Updated 3 weeks ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆112Updated 2 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆161Updated 4 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆119Updated 6 months ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆80Updated 7 months ago
- CaptainCredz is a modular and discreet password-spraying tool.☆105Updated 2 weeks ago
- Stage 0☆155Updated 4 months ago
- ☆58Updated 6 months ago
- IPSpinner works as a local proxy that redirects requests through external services.☆42Updated 3 weeks ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆111Updated 11 months ago
- ☆174Updated 3 weeks ago
- ☆83Updated 3 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆90Updated 10 months ago
- A Python POC for CRED1 over SOCKS5☆147Updated 6 months ago