xct / SeDebugAbuseLinks
Get SYSTEM via SeDebugPrivilege
☆21Updated 3 years ago
Alternatives and similar repositories for SeDebugAbuse
Users that are interested in SeDebugAbuse are comparing it to the libraries listed below
Sorting:
- ☆52Updated 3 years ago
- Automating payload generation for OSEP labs and exam.☆34Updated 3 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆65Updated 5 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆106Updated 2 years ago
- ☆88Updated 3 years ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Updated 3 years ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆33Updated 2 years ago
- Secretsdump C# version only supporting local (live) operation☆50Updated 5 months ago
- Get Fine Grained Password Policy☆74Updated 5 months ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆88Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆78Updated 3 years ago
- A Collection of templates that can be used for abusing window's AlwaysInstallElevated policy☆38Updated 2 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆111Updated 3 years ago
- SeRestorePrivilege to SYSTEM☆122Updated 3 years ago
- A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec☆24Updated 11 months ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆86Updated 3 years ago
- ☆18Updated 9 months ago
- C# havoc implant☆101Updated 2 years ago
- rcat☆71Updated 3 years ago
- Bypass AMSI By Dividing files into multiple smaller files☆46Updated 2 years ago
- ☆141Updated 3 years ago
- Binary and CrackMapExec module to impersonate tokens on a windows machine☆46Updated 3 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Simple C++ PoC of SeDebugPrivilege Privesc☆25Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆75Updated 2 years ago
- ☆70Updated 3 years ago
- ☆29Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆101Updated 2 years ago
- Simple BOF to read the protection level of a process☆118Updated 2 years ago