snovvcrash / KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
☆12Updated 2 years ago
Alternatives and similar repositories for KrbRelayUp:
Users that are interested in KrbRelayUp are comparing it to the libraries listed below
- Modified version of PEAS client for offensive operations☆40Updated 2 years ago
- ☆15Updated 2 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- A multithreaded, queued SSH key and/or password spraying tool.☆18Updated 2 years ago
- Convert ldapdomaindump to Bloodhound☆79Updated last year
- ☆24Updated 3 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆32Updated 3 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆20Updated 3 years ago
- ☆19Updated last year
- Execute Mimikatz with different technique☆51Updated 3 years ago
- ☆21Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- ☆17Updated 4 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 3 years ago
- Cobalt Strike profile generator using Jenkins to automate the heavy lifting☆34Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- Federated Office365 user enumeration based on correlated response trend analysis☆50Updated 2 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆61Updated 3 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆40Updated 3 years ago
- This is a CS project that will encrypt shell code from msfvenom using AES☆22Updated 3 years ago
- ☆35Updated 4 years ago
- Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.☆20Updated 3 years ago
- ☆14Updated 2 years ago
- .NET wrapper around LogonUserA to test creds☆11Updated 2 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960☆2Updated 2 years ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆14Updated 2 years ago