sho-luv / zerologonLinks
Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool will check, exploit and restore password to original state
☆18Updated 3 years ago
Alternatives and similar repositories for zerologon
Users that are interested in zerologon are comparing it to the libraries listed below
Sorting:
- ☆71Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- C# .Net Framework program that uses RunspaceFactory for Powershell command execution.☆18Updated 2 years ago
- Convert ldapdomaindump to Bloodhound☆80Updated last year
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆42Updated 2 months ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆91Updated last year
- Get Fine Grained Password Policy☆70Updated last month
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆58Updated 5 years ago
- Secretsdump C# version only supporting local (live) operation☆49Updated last month
- ☆37Updated 4 years ago
- Modified version of PEAS client for offensive operations☆41Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆34Updated 2 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 3 years ago
- My BloodHound custom queries☆23Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆81Updated last year
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated 11 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆57Updated last week
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆52Updated last year
- Generate droppers with encrypted payloads automatically.☆54Updated 3 years ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆35Updated last year
- Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…☆101Updated 3 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆15Updated 2 years ago
- Impacket is a collection of Python classes for working with network protocols.☆18Updated 3 weeks ago
- Binary and CrackMapExec module to impersonate tokens on a windows machine☆44Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆67Updated 11 months ago
- Perform Windows domain enumeration via LDAP☆36Updated 3 years ago