snovvcrash / MirrorDump
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
☆102Updated 2 years ago
Alternatives and similar repositories for MirrorDump:
Users that are interested in MirrorDump are comparing it to the libraries listed below
- Pass the Hash to a named pipe for token Impersonation☆141Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF☆147Updated 3 years ago
- ☆88Updated 2 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123Updated 3 years ago
- ☆139Updated 2 years ago
- Tool for interacting with outlook interop during red team engagements☆143Updated 3 years ago
- Checks for signature requirements over LDAP☆97Updated 2 years ago
- C# version of Powermad☆162Updated last year
- MSBuild without MSbuild.exe☆131Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆99Updated 3 years ago
- Collection of CobaltStrike beacon object files☆102Updated 3 years ago
- POC tools for exploring SMB over QUIC protocol☆121Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆54Updated 4 years ago
- ☆92Updated 2 years ago
- Convert Cobalt Strike profiles to IIS web.config files☆112Updated 3 years ago
- Coerce Windows machines auth via MS-EVEN☆158Updated last year
- C# version of MDSec's ParallelSyscalls☆140Updated 3 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆101Updated 4 years ago
- UI for creating LNKs☆102Updated 3 years ago
- AV/EDR evasion via direct system calls.☆107Updated last year
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆121Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆226Updated 3 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆123Updated 2 years ago
- Windows MSI Installer LPE (CVE-2021-43883)☆77Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆178Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆127Updated last year
- Beacon Object File & C# project to check LDAP signing☆187Updated 7 months ago
- ☆69Updated 3 years ago
- ☆56Updated 4 years ago
- A fake AMSI Provider which can be used for persistence.☆148Updated 3 years ago