werdhaihai/msi_lateral_mv external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

werdhaihai/msi_lateral_mv

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/werdhaihai/msi_lateral_mv)

Close

werdhaihai / msi_lateral_mvView on GitHubMore

• External links
• Readme badge

Lateral Movement Bof with MSI ODBC Driver Install

☆149Sep 30, 2025Updated 7 months ago

Alternatives and similar repositories for msi_lateral_mv

Users that are interested in msi_lateral_mv are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 0xthirteen / rpc2wc

  View on GitHub
  RPC to WebClient startup
  ☆57Aug 19, 2025Updated 9 months ago
• AlmondOffSec / DCOMRunAs

  View on GitHub
  Lateral movement with DCOM DLL hijacking
  ☆178Jul 4, 2025Updated 10 months ago
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• Nomad0x7 / sekken-enum

  View on GitHub
  adws enumeration bof
  ☆172Feb 16, 2026Updated 3 months ago
• sudonoodle / BOF-entra-authcode-flow

  View on GitHub
  Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
  ☆130Jan 17, 2026Updated 4 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• 3lp4tr0n / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆210Nov 4, 2025Updated 6 months ago
• rasta-mouse / LibGate

  View on GitHub
  A Crystal Palace shared library to resolve & perform syscalls
  ☆61Oct 29, 2025Updated 7 months ago
• hotnops / ECUtilities

  View on GitHub
  Powershell and python utilties for Entra Connect
  ☆29Jun 5, 2025Updated 11 months ago
• jhalon / cSessionHop

  View on GitHub
  Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
  ☆68Dec 25, 2025Updated 5 months ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆231Apr 11, 2026Updated last month
• RayRRT / BOFs

  View on GitHub
  Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.
  ☆114Jan 26, 2026Updated 4 months ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆171Sep 22, 2025Updated 8 months ago
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆385Dec 13, 2024Updated last year
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 8 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• MythicAgents / Kharon-Mtc

  View on GitHub
  C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…
  ☆207Dec 30, 2025Updated 4 months ago
• logangoins / BadTakeover-BOF

  View on GitHub
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆86Oct 20, 2025Updated 7 months ago
• rasta-mouse / LibTP

  View on GitHub
  Crystal Palace library for proxying Nt API calls via the Threadpool
  ☆104Oct 18, 2025Updated 7 months ago
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆167Oct 5, 2024Updated last year
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 10 months ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆71Jun 29, 2025Updated 11 months ago
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• wotwot563 / aad_prt_bof

  View on GitHub
  ☆165Apr 17, 2024Updated 2 years ago
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆288Feb 8, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• NtDallas / Draugr

  View on GitHub
  BOF with Synthetic Stackframe
  ☆248Oct 30, 2025Updated 6 months ago
• Cerbersec / pyMetaTwin

  View on GitHub
  Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform
  ☆18Apr 17, 2024Updated 2 years ago
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆217Jan 30, 2025Updated last year
• RayRRT / ESC1-unPAC

  View on GitHub
  A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…
  ☆119Dec 21, 2025Updated 5 months ago
• kozmer / dcsync-bof

  View on GitHub
  dcsync bof
  ☆52Feb 13, 2026Updated 3 months ago
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆176Sep 3, 2025Updated 8 months ago
• netero1010 / SCCMVNC

  View on GitHub
  A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…
  ☆120Oct 20, 2024Updated last year
• decoder-it / printerbugnew

  View on GitHub
  The DCERPC only printerbug.py version
  ☆219Oct 30, 2025Updated 6 months ago
• mlcsec / EDRenum-BOF

  View on GitHub
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆134Oct 4, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆105Nov 7, 2025Updated 6 months ago
• ricardojoserf / NativeTokenImpersonate

  View on GitHub
  Impersonate Tokens using only NTAPI functions
  ☆85Apr 4, 2025Updated last year
• smokeme / asar-backdoor

  View on GitHub
  ☆34Mar 19, 2025Updated last year
• ZephrFish / ludus-defender-lab

  View on GitHub
  MDE/MDI Defender setup for Ludus
  ☆58Mar 14, 2026Updated 2 months ago
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago
• zero2504 / FrostLock-Injection

  View on GitHub
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆43Apr 6, 2025Updated last year
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆197Feb 6, 2025Updated last year