snovvcrash / KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
☆12Updated 2 years ago
Alternatives and similar repositories for KrbRelayUp
Users that are interested in KrbRelayUp are comparing it to the libraries listed below
Sorting:
- Modified version of PEAS client for offensive operations☆41Updated 2 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- ☆16Updated 2 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- A multithreaded, queued SSH key and/or password spraying tool.☆18Updated 2 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆32Updated 3 years ago
- ☆17Updated 4 years ago
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- Finding SSL Blindspots for Red Teams☆32Updated 4 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆29Updated 5 years ago
- Cobalt Strike profile generator using Jenkins to automate the heavy lifting☆36Updated 2 years ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆37Updated last year
- ☆35Updated 4 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆40Updated 3 years ago
- Convert ldapdomaindump to Bloodhound☆80Updated last year
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- .NET wrapper around LogonUserA to test creds☆12Updated 2 years ago
- ☆18Updated 4 years ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆14Updated 2 years ago
- Execute Mimikatz with different technique☆51Updated 3 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- IOXIDResolver from AirBus Security/PingCastle☆50Updated 4 years ago
- A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts☆18Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆55Updated 3 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆23Updated 4 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆28Updated last year
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- ☆25Updated 3 years ago