Parse SDDL strings
☆37Apr 1, 2024Updated last year
Alternatives and similar repositories for sddl_py
Users that are interested in sddl_py are comparing it to the libraries listed below
Sorting:
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆24Feb 1, 2025Updated last year
- Adjusted version of the impacket-dcomexec script to work against Windows 10☆17Oct 13, 2025Updated 4 months ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 3 months ago
- Test AMSI Provider implementation in C#☆42Dec 18, 2024Updated last year
- ☆13Dec 27, 2014Updated 11 years ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- Click Once + App Domain☆64Feb 23, 2026Updated last week
- A simple reverse ssh/proxy implant PoC for *nix systems.☆57Jul 5, 2024Updated last year
- A cross-platform tool to parse and describe the contents of a raw ntSecurityDescriptor structure☆47Oct 4, 2025Updated 5 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆207Jan 12, 2025Updated last year
- ☆31Jul 26, 2024Updated last year
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.☆22Jan 6, 2025Updated last year
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- DLL proxying for lazy people☆202Dec 1, 2025Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆76Oct 27, 2025Updated 4 months ago
- ☆101Oct 7, 2023Updated 2 years ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆137Jan 22, 2025Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated 2 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- ☆117Jun 17, 2025Updated 8 months ago
- Automated exploitation of MSSQL servers at scale☆127Feb 21, 2026Updated last week
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- ☆129Jun 28, 2023Updated 2 years ago
- Secretsdump C# version only supporting local (live) operation☆55Apr 20, 2025Updated 10 months ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- Good CLR Host with Native patchless AMSI Bypass☆103Apr 18, 2025Updated 10 months ago
- A small utility to translate NTDS.dit files to SQLite format.☆83Oct 11, 2023Updated 2 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago