wh0amitz/PetitPotato

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/wh0amitz/PetitPotato)

wh0amitz / PetitPotato

Local privilege escalation via PetitPotam (Abusing impersonate privileges).

☆455

Alternatives and similar repositories for PetitPotato

Users that are interested in PetitPotato are comparing it to the libraries listed below

Sorting:

wh0amitz / KRBUACBypass
View on GitHub
UAC Bypass By Abusing Kerberos Tickets
☆507Aug 10, 2023Updated 2 years ago
decoder-it / LocalPotato
View on GitHub
☆706Nov 7, 2023Updated 2 years ago
crisprss / RasmanPotato
View on GitHub
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
☆400Feb 6, 2023Updated 3 years ago
wh0amitz / S4UTomato
View on GitHub
Escalate Service Account To LocalSystem via Kerberos
☆403Sep 14, 2023Updated 2 years ago
antonioCoco / JuicyPotatoNG
View on GitHub
Another Windows Local Privilege Escalation from Service Account to System
☆939Nov 12, 2022Updated 3 years ago
Dec0ne / DavRelayUp
View on GitHub
DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
☆568Jun 5, 2023Updated 2 years ago
BeichenDream / GodPotato
View on GitHub
☆2,202Nov 24, 2023Updated 2 years ago
BeichenDream / PrintNotifyPotato
View on GitHub
PrintNotifyPotato
☆539Dec 2, 2022Updated 3 years ago
wh0amitz / SharpADWS
View on GitHub
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
☆586Mar 19, 2024Updated last year
WKL-Sec / HiddenDesktop
View on GitHub
HVNC for Cobalt Strike
☆1,301Dec 7, 2023Updated 2 years ago
XiaoliChan / wmiexec-Pro
View on GitHub
New generation of wmiexec.py
☆1,264Jan 5, 2026Updated 2 months ago
wh0amitz / BypassCredGuard
View on GitHub
Credential Guard Bypass Via Patching Wdigest Memory
☆335Feb 3, 2023Updated 3 years ago
zcgonvh / EfsPotato
View on GitHub
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
☆817Dec 14, 2023Updated 2 years ago
SaadAhla / TakeMyRDP
View on GitHub
A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…
☆398Aug 2, 2023Updated 2 years ago
zblurx / certsync
View on GitHub
Dump NTDS with golden certificates and UnPAC the hash
☆647Mar 20, 2024Updated last year
BeichenDream / SharpToken
View on GitHub
Windows Token Stealing Expert
☆486Nov 24, 2023Updated 2 years ago
mertdas / SharpTerminator
View on GitHub
Terminate AV/EDR Processes using kernel driver
☆352Jun 12, 2023Updated 2 years ago
decoder-it / ADCSCoercePotato
View on GitHub
☆242May 5, 2024Updated last year
OmriBaso / RToolZ
View on GitHub
A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
☆326Jan 31, 2023Updated 3 years ago
0xb11a1 / yetAnotherObfuscator
View on GitHub
C# obfuscator that bypass windows defender
☆806Jun 4, 2023Updated 2 years ago
Dec0ne / ShadowSpray
View on GitHub
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
☆483Oct 14, 2022Updated 3 years ago
Octoberfest7 / Inline-Execute-PE
View on GitHub
Execute unmanaged Windows executables in CobaltStrike Beacons
☆714Mar 4, 2023Updated 3 years ago
grimlockx / ADCSKiller
View on GitHub
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
☆738May 19, 2023Updated 2 years ago
Bdenneu / CVE-2022-33679
View on GitHub
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
☆415Nov 10, 2024Updated last year
ZeroMemoryEx / Terminator
View on GitHub
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
☆1,042Jun 20, 2023Updated 2 years ago
slemire / WSPCoerce
View on GitHub
PoC to coerce authentication from Windows hosts using MS-WSP
☆301Sep 7, 2023Updated 2 years ago
bugch3ck / SharpEfsPotato
View on GitHub
Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
☆337Oct 17, 2022Updated 3 years ago
Prepouce / CoercedPotato
View on GitHub
A Windows potato to privesc
☆391Aug 26, 2024Updated last year
hackerhouse-opensource / iscsicpl_bypassUAC
View on GitHub
UAC bypass for x64 Windows 7 - 11
☆832Feb 2, 2026Updated last month
netero1010 / GhostTask
View on GitHub
A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
☆614Jan 2, 2025Updated last year
mdsecactivebreach / DragonCastle
View on GitHub
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
☆301Oct 26, 2022Updated 3 years ago
fortra / nanodump
View on GitHub
The swiss army knife of LSASS dumping
☆2,071Sep 17, 2024Updated last year
VoldeSec / PatchlessCLRLoader
View on GitHub
.NET assembly loader with patchless AMSI and ETW bypass
☆370Apr 19, 2023Updated 2 years ago
med0x2e / NTLMRelay2Self
View on GitHub
An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
☆418Jan 27, 2024Updated 2 years ago
S3cur3Th1sSh1t / MultiPotato
View on GitHub
☆538Nov 20, 2021Updated 4 years ago
gabriellandau / PPLFault
View on GitHub
☆564Feb 22, 2024Updated 2 years ago
Octoberfest7 / DropSpawn_BOF
View on GitHub
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
☆285Jun 8, 2023Updated 2 years ago
outflanknl / C2-Tool-Collection
View on GitHub
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
☆1,370Oct 27, 2023Updated 2 years ago
optiv / Freeze
View on GitHub
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
☆1,470Aug 18, 2023Updated 2 years ago