ustayready / roguerdpLinks
☆35Updated 3 years ago
Alternatives and similar repositories for roguerdp
Users that are interested in roguerdp are comparing it to the libraries listed below
Sorting:
- WhoAmI by asking the LDAP service on a domain controller.☆63Updated 3 years ago
- A technique for Active Directory domain persistence☆39Updated 2 years ago
- ☆94Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆54Updated 3 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 3 years ago
- A little scanner to check the LDAP Signing state☆46Updated 4 years ago
- ☆43Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆104Updated 4 years ago
- ☆39Updated 3 years ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- ☆95Updated 4 years ago
- ☆57Updated 4 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke)☆26Updated 3 years ago
- .NET project for installing Persistence☆63Updated 3 years ago
- ☆60Updated 4 years ago
- Smart Card PIN swiping DLL☆78Updated 5 years ago
- IOXIDResolver from AirBus Security/PingCastle☆51Updated 4 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆108Updated 3 years ago
- Active Directory certificate abuse.☆38Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆129Updated 2 years ago
- Exchangelib wrapper for pentesting☆65Updated 7 months ago
- ☆70Updated 4 years ago
- Tool for interacting with outlook interop during red team engagements☆146Updated 4 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆39Updated 4 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆87Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆87Updated 3 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆98Updated 3 years ago
- ☆90Updated 4 years ago