Alternatives and similar repositories for SeDebugAbuse:

Users that are interested in SeDebugAbuse are comparing it to the libraries listed below

• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆44Updated 2 years ago
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆13Updated 2 years ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆48Updated last year
• Nariod / laz-y
  Automating payload generation for OSEP labs and exam.
  ☆34Updated 2 years ago
• mmnoureldin / UnmanagedPowerShell
  ☆27Updated last year
• Wh04m1001 / MSIExecEoP
  Arbitrary File Delete in Windows Installer before 10.0.19045.2193
  ☆29Updated 2 years ago
• x0rb3l / CVE-2023-36802-MSKSSRV-LPE
  PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy
  ☆35Updated last year
• Wh04m1001 / ZoneAlarmEoP
  Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
  ☆26Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• BronzeBee / DavRelayUp
  An old Windows workstations LPE for domain environments without LDAP signing/channel binding.
  ☆29Updated last year
• xct / SeManageVolumeAbuse
  SeManageVolumePrivilege to SYSTEM
  ☆82Updated last year
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• MzHmO / articles
  ☆39Updated 6 months ago
• NVISOsecurity / cs2br-bof
  Run Cobalt Strike BOFs in Brute Ratel C4!
  ☆61Updated 3 weeks ago
• Wh04m1001 / CVE-2022-3368
  ☆29Updated 2 years ago
• SolomonSklash / RubeusToCcache
  A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket
  ☆54Updated 4 years ago
• shantanu561993 / DLL-Sideload
  ☆39Updated 2 years ago
• crisprss / magicNetdefs
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Updated 2 years ago
• 0xsp-SRD / callback_injection-Csharp
  this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…
  ☆84Updated 2 years ago
• icyguider / PowerChunker
  Bypass AMSI via PowerShell by splitting a file into multiple chunks
  ☆50Updated 3 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆77Updated 3 months ago
• Yeeb1 / SharpRDPlusSnatcher
  Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…
  ☆16Updated 11 months ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆80Updated 2 years ago
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆39Updated last month
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆45Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆96Updated last year
• blackarrowsec / Certify
  Active Directory certificate abuse.
  ☆37Updated 2 years ago
• secure-77 / Certipy-Docker
  Certipy in Docker
  ☆11Updated 10 months ago
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆88Updated 2 years ago