skelsec / aardwolf
Asynchronous RDP client for Python (headless)
☆145Updated 2 weeks ago
Related projects: ⓘ
- Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)☆178Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆250Updated last year
- ADCS cert template modification and ACL enumeration☆126Updated last year
- ☆216Updated 10 months ago
- PrintNightmare (CVE-2021-34527) PoC Exploit☆102Updated last year
- Set of python scripts which perform different ways of command execution via WMI protocol.☆157Updated last year
- Extendable payload obfuscation and delivery framework☆140Updated last year
- ACL abuse swiss-knife☆116Updated last year
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆124Updated 11 months ago
- A BOF to automate common persistence tasks for red teamers☆263Updated last year
- ☆92Updated last year
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆291Updated last year
- ☆144Updated 7 months ago
- ☆110Updated last year
- Patch AMSI and ETW☆227Updated 4 months ago
- COM Hijacking VOODOO☆253Updated 6 months ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆105Updated 2 years ago
- My implementation of the GIUDA project in C++☆152Updated last year
- ADCS abuser☆244Updated last year
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆102Updated 2 years ago
- ☆153Updated this week
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆224Updated 2 years ago
- RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows☆6Updated 2 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆164Updated last year
- ☆245Updated this week
- ☆138Updated this week
- ☆174Updated 5 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆293Updated 6 months ago
- Proof-of-concept tools for my AD Forest trust research☆181Updated 3 months ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆152Updated last year