tothi / rbcd-attack
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
☆528Updated 2 years ago
Alternatives and similar repositories for rbcd-attack:
Users that are interested in rbcd-attack are comparing it to the libraries listed below
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆750Updated last year
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆353Updated 4 years ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆828Updated 3 years ago
- Lists who can read any gMSA password blobs and parses them if the current user has access.☆265Updated last year
- Dumping LAPS from Python☆262Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆224Updated 3 years ago
- Bypass for PowerShell Constrained Language Mode☆383Updated 3 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆272Updated 3 years ago
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆369Updated 3 years ago
- ☆763Updated 2 years ago
- ☆365Updated 3 years ago
- Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.☆302Updated 2 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆432Updated 2 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆483Updated 4 months ago
- PowerShell Constrained Language Mode Bypass☆259Updated 4 years ago
- ☆508Updated 3 years ago
- An script to perform kerberos bruteforcing by using impacket☆445Updated 2 years ago
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆476Updated 2 years ago
- ☆354Updated 3 years ago
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆608Updated 8 months ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆855Updated 3 years ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆417Updated 2 months ago
- Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to☆339Updated 11 years ago
- Python version of the C# tool for "Shadow Credentials" attacks☆685Updated 3 weeks ago
- Tools for Kerberos PKINIT and relaying to AD CS☆709Updated 2 months ago
- Kerberoast with ACL abuse capabilities☆420Updated 3 months ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆217Updated 4 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆419Updated 2 years ago
- A tool to help query AD via the LDAP protocol☆521Updated 5 months ago
- ☆446Updated 2 years ago