Dump LSASS via physical memory read primitives in vulnerable kernel drivers
☆35Feb 25, 2026Updated 4 months ago
Alternatives and similar repositories for GhostKatz-sliver
Users that are interested in GhostKatz-sliver are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PowerShell module for mapping byte offsets to source context and locating AMSI or Microsoft Defender detection boundaries in text and bin…☆35Updated this week
- Create local administrators with the SAMR API (lowest-level technique). Implemented in C#, Crystal, Python and Rust☆89Mar 7, 2026Updated 4 months ago
- Run PowerShell command without invoking powershell.exe☆27Apr 9, 2026Updated 3 months ago
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- Windows Access token manipulation tool made in C#☆25Aug 24, 2025Updated 10 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- PPLReaper is a Windows UNSIGNED kernel driver + userland companion tool designed to inspect and manipulate Protected Process Light (PPL) …☆24Mar 4, 2026Updated 4 months ago
- A BOF designed to inspect processes memory and addresses☆40Apr 19, 2026Updated 2 months ago
- Azure apim mini proxy☆61May 18, 2026Updated last month
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 3 months ago
- Proof-of-concept security demo illustrating how PowerShell can create trusted-looking Windows toast notifications chained together with C…☆16Apr 12, 2026Updated 3 months ago
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.☆74Oct 22, 2025Updated 8 months ago
- Python tool to automatically perform SPN-less RBCD attacks.☆132Jan 7, 2026Updated 6 months ago
- POCs to demonstrate CVE-2026-42167 in ProFTPD☆23Apr 29, 2026Updated 2 months ago
- BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell☆134Apr 6, 2026Updated 3 months ago
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed a…☆27May 21, 2026Updated last month
- NTLM HTTP relay tool with SOCKS proxy for browser session hijacking☆178Apr 6, 2026Updated 3 months ago
- ☆39Updated this week
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆128Jan 24, 2026Updated 5 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A tool to easily perform GitLab Device Code Phishing on red team engagements☆51Feb 9, 2026Updated 5 months ago
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- shellcode transformation tool for YARA evasion☆62Dec 17, 2025Updated 7 months ago
- Impersonate Windows tokens in Nim☆24Aug 4, 2025Updated 11 months ago
- This is a collection of proof-of-concept exploits for various targets.☆42Jun 10, 2026Updated last month
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆137Feb 17, 2026Updated 4 months ago
- Active network shares enumeration tool.☆36Updated this week
- Proof of concept for Kerberos Armoring abuse.☆86Dec 12, 2025Updated 7 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆81Mar 27, 2026Updated 3 months ago
- Tor transport bridge for Sliver C2 - anonymous command and control☆53Jan 20, 2026Updated 5 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆85Mar 15, 2026Updated 4 months ago
- SANS Workshop: Active Directory Privilege Escalation with Empire!☆37Nov 12, 2025Updated 8 months ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 8 months ago
- The PoC for CVE-2025-70795 / CVE-2026-0828 and updated driver☆49Mar 13, 2026Updated 4 months ago