Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test passwords
☆59Mar 8, 2019Updated 7 years ago
Alternatives and similar repositories for DetectPasswordViaNTLMInFlow
Users that are interested in DetectPasswordViaNTLMInFlow are comparing it to the libraries listed below
Sorting:
- Set of ultra technical notes about AD☆18Jun 17, 2018Updated 7 years ago
- ☆26Sep 29, 2018Updated 7 years ago
- An example in C# for programmatically calling UAC to escalate to admin☆14Aug 13, 2018Updated 7 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- Get a list of installed software in a safe manner☆11Aug 7, 2017Updated 8 years ago
- ☆17Jul 26, 2018Updated 7 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Jun 8, 2017Updated 8 years ago
- ☆21Oct 22, 2019Updated 6 years ago
- ☆16Nov 10, 2015Updated 10 years ago
- ☆13Jun 1, 2021Updated 4 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆66Oct 3, 2020Updated 5 years ago
- ☆264Jul 15, 2022Updated 3 years ago
- ☆182Feb 21, 2022Updated 4 years ago
- ☆58Jul 16, 2017Updated 8 years ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- spy windows ce API calls☆11Jun 3, 2014Updated 11 years ago
- Lists work items being queued currently.☆14Jun 7, 2015Updated 10 years ago
- Mainframe bruter and screen automation utility.☆20Jul 27, 2021Updated 4 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- with metasploit☆63Apr 19, 2020Updated 5 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆25May 20, 2023Updated 2 years ago
- Constrained Language Mode + AMSI bypass all in one☆156Jul 29, 2019Updated 6 years ago
- Code injection via delay load libraries☆36Sep 20, 2017Updated 8 years ago
- Obtains a crackable hash for the current user account☆23Feb 3, 2019Updated 7 years ago
- Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses☆50Aug 8, 2020Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 6 years ago
- Playing around with token manipulation in C#.☆29Nov 6, 2019Updated 6 years ago
- ☆17Mar 3, 2016Updated 10 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25May 3, 2018Updated 7 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆109Sep 26, 2017Updated 8 years ago
- DNS反弹shell客户端☆13Jul 24, 2016Updated 9 years ago
- Post module for Metasploit to execute ELF in memory☆86Nov 23, 2018Updated 7 years ago
- ☆98Feb 21, 2019Updated 7 years ago
- A simple reflective dll example☆19Jan 8, 2017Updated 9 years ago
- A tool similar to netcat, but tunneled over DNS☆18Mar 10, 2017Updated 9 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Aug 8, 2018Updated 7 years ago
- A "tiny" meterpreter stager☆127Aug 20, 2019Updated 6 years ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆197Feb 1, 2021Updated 5 years ago