sho-luv / zerologon
Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool will check, exploit and restore password to original state
☆17Updated 3 years ago
Alternatives and similar repositories for zerologon:
Users that are interested in zerologon are comparing it to the libraries listed below
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- Convert ldapdomaindump to Bloodhound☆79Updated last year
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆51Updated 2 years ago
- Create a lnk shortcut file for Windows☆17Updated 6 years ago
- Secretsdump C# version only supporting local (live) operation☆48Updated this week
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆55Updated 4 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆55Updated 3 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆51Updated 2 years ago
- Socks Proxy Server Plugin for Invoke-SocksProxy☆17Updated last month
- Port forwarding via MSRPC (445/tcp) [WIP]☆32Updated 3 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated 10 months ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆52Updated 3 years ago
- Get Fine Grained Password Policy☆70Updated last week
- ☆47Updated 3 years ago
- ☆38Updated 2 years ago
- ☆71Updated last year
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- Modified version of PEAS client for offensive operations☆41Updated 2 years ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆88Updated last year
- load dumped csharp binaries as assemblies and launch them in memory☆26Updated last year
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.☆18Updated 2 years ago
- Exchangelib wrapper for pentesting☆64Updated 2 months ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- ☆17Updated 4 years ago
- User enumeration and password spraying tool for testing Azure AD☆69Updated 3 years ago
- C# tool to discover low hanging fruits☆93Updated 2 years ago
- IOXIDResolver from AirBus Security/PingCastle☆50Updated 4 years ago
- cobalt strike tools☆31Updated 3 years ago