simondotsh / DirSync

Related projects ⓘ

Alternatives and complementary repositories for DirSync

• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• klezVirus / SharpLdapRelayScan
  C# Port of LdapRelayScan
  ☆77Updated 2 years ago
• weaselsec / ClickOnce-AppDomain-Manager-Injection
  Click Once + App Domain
  ☆62Updated 11 months ago
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆83Updated last year
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆51Updated last year
• williamknows / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆59Updated last month
• werdhaihai / SharpAltShellCodeExec
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆72Updated last year
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• puzzlepeaches / NTLMRecon
  Enumerate information from NTLM authentication enabled web endpoints 🔎
  ☆35Updated last year
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆66Updated last year
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆48Updated 2 years ago
• eladshamir / SharpElevator
  SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…
  ☆49Updated 2 years ago
• netero1010 / TrustedPath-UACBypass-BOF
  Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
  ☆118Updated 3 years ago
• bugch3ck / SharpLdapWhoami
  WhoAmI by asking the LDAP service on a domain controller.
  ☆58Updated 2 years ago
• EspressoCake / BeaconDownloadSync
  ☆91Updated 2 years ago
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆13Updated 2 years ago
• Wh04m1001 / PICDumper
  ☆24Updated 2 years ago
• NVISOsecurity / cs2br-bof
  ☆59Updated 4 months ago
• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆39Updated last year
• improsec / CaddyStager
  ☆35Updated 2 years ago
• Hagrid29 / DumpAADSyncCreds
  C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…
  ☆36Updated last year
• t94j0 / sddl_py
  Parse SDDL strings
  ☆35Updated 7 months ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆65Updated 6 months ago
• OG-Sadpanda / SharpSword
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Updated last month
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆42Updated 2 years ago
• JonasBK / Powershell
  ☆30Updated this week
• Octoberfest7 / JumpSession_BOF
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆76Updated 2 years ago
• Leo4j / KeyCredentialLink
  Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute
  ☆19Updated 5 months ago
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆88Updated 10 months ago