slemire / WSPCoerceLinks
PoC to coerce authentication from Windows hosts using MS-WSP
☆258Updated last year
Alternatives and similar repositories for WSPCoerce
Users that are interested in WSPCoerce are comparing it to the libraries listed below
Sorting:
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258Updated 2 years ago
- ADCS cert template modification and ACL enumeration☆142Updated 2 years ago
- Python tool to Check running WebClient services on multiple targets based on @leechristensen☆280Updated 4 years ago
- Attempt at Obfuscated version of SharpCollection☆219Updated this week
- ☆212Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆139Updated last year
- MS-FSRVP coercion abuse PoC☆296Updated 3 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆323Updated 9 months ago
- Python implementation for PetitPotam☆208Updated 3 years ago
- My implementation of the GIUDA project in C++☆185Updated 2 years ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆212Updated last year
- COFF file (BOF) for managing Kerberos tickets.☆306Updated 2 years ago
- ☆230Updated last year
- Recovering NTLM hashes from Credential Guard☆345Updated 2 years ago
- ☆155Updated 6 months ago
- ☆222Updated last year
- ☆163Updated 9 months ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆86Updated 3 years ago
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆236Updated last year
- Patch AMSI and ETW☆245Updated last year
- OPSEC safe Kerberoasting in C#☆192Updated 3 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆131Updated last year
- A collection of code snippets built to assist with breaking chains.☆123Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆357Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆117Updated 2 years ago
- Buggy script to play with GPOs☆115Updated 7 months ago
- Extracting NetNTLM without touching lsass.exe☆239Updated last year
- A variety of AV evasion techniques written in C# for practice.☆95Updated 4 years ago
- Patching AmsiOpenSession by forcing an error branching☆147Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆300Updated 2 years ago