synacktiv / CacheData_decrypt
A simple Toolkit to BF and decrypt Windows EntraId CacheData
☆12Updated 3 months ago
Related projects: ⓘ
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆29Updated 3 months ago
- ☆13Updated 11 months ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆18Updated last year
- ☆17Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Updated 11 months ago
- Scripts to interact with Microsoft Graph APIs☆29Updated 2 months ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆26Updated 5 months ago
- ☆13Updated 8 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆13Updated 7 months ago
- Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.☆10Updated 2 years ago
- Python3 rewrite of AsOutsider features of AADInternals☆25Updated last week
- WhoAmI by asking the LDAP service on a domain controller.☆58Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆51Updated 2 years ago
- ☆29Updated last year
- ☆38Updated 2 years ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆34Updated 4 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 4 months ago
- Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.☆19Updated 3 years ago
- Zoom Persistence Aggressor and Handler☆53Updated 3 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆14Updated 6 months ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆23Updated 2 years ago
- AMSI detection PoC☆30Updated 4 years ago
- Extension functionality for the NightHawk operator client☆26Updated 10 months ago
- SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…☆60Updated 4 months ago
- Slides for the talk we presented as UniPi at DefCon's Red Team Village☆23Updated 2 years ago
- ☆23Updated 2 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- POC for unauthenticated RCE in Aspect Unified Installation Assistant by Aspect Software found in 2021.☆12Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆35Updated 7 months ago