Dump Kerberos tickets from the KCM database of SSSD
☆56Dec 31, 2025Updated 2 months ago
Alternatives and similar repositories for kcmdump
Users that are interested in kcmdump are comparing it to the libraries listed below
Sorting:
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆87Mar 6, 2025Updated 11 months ago
- Dump Linux keyrings☆24Jul 15, 2024Updated last year
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- ☆18Mar 26, 2024Updated last year
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- ☆53Oct 10, 2023Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 2 months ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆388Jan 20, 2026Updated last month
- ☆109Feb 21, 2023Updated 3 years ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- ☆198Mar 28, 2025Updated 11 months ago
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆232Feb 12, 2025Updated last year
- A Python POC for CRED1 over SOCKS5☆164Oct 5, 2024Updated last year
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆384Apr 26, 2025Updated 10 months ago
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated 11 months ago
- CaptainCredz is a modular and discreet password-spraying tool.☆134Jul 22, 2025Updated 7 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181May 19, 2025Updated 9 months ago
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- ☆58Dec 10, 2025Updated 2 months ago
- ☆38Apr 7, 2023Updated 2 years ago
- a small script to collect information from a management point☆37Jan 19, 2026Updated last month
- ☆18Sep 14, 2023Updated 2 years ago
- ☆163Oct 25, 2023Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆42Sep 23, 2025Updated 5 months ago
- Rust in-memory dumper☆108Jul 26, 2023Updated 2 years ago
- Simple C# Redirector☆94Aug 31, 2025Updated 6 months ago
- A BloodHound collector for Microsoft Configuration Manager☆391Jul 7, 2025Updated 7 months ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆314Feb 16, 2026Updated last week
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆200Nov 12, 2024Updated last year
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 5 months ago