xct / adoptLinks
Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
☆15Updated 3 years ago
Alternatives and similar repositories for adopt
Users that are interested in adopt are comparing it to the libraries listed below
Sorting:
- Run Cobalt Strike BOFs in Brute Ratel C4!☆68Updated 3 months ago
- Lateral Movement via the .NET Profiler☆82Updated 8 months ago
- TokenCert☆98Updated 8 months ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆51Updated last week
- Local SYSTEM auth trigger for relaying - X☆116Updated last week
- ☆107Updated 5 months ago
- ☆132Updated 5 months ago
- Impersonate Tokens using only NTAPI functions☆79Updated 3 months ago
- ☆57Updated 5 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆115Updated 2 weeks ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆78Updated 5 months ago
- ☆89Updated 3 years ago
- Simple BOF to read the protection level of a process☆117Updated 2 years ago
- Find DLLs with RWX section☆81Updated 2 years ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆38Updated 4 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light)☆55Updated 7 months ago
- Sniffing files generator☆59Updated 5 months ago
- ☆112Updated 8 months ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆33Updated 2 years ago
- ☆19Updated last month
- A care package of useful bofs for red team engagments☆55Updated 7 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆66Updated 6 months ago
- Click Once + App Domain☆62Updated last year
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- CLI tool to interact with the BloodHound CE API☆51Updated this week
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆104Updated 3 weeks ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆38Updated 8 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆35Updated 3 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆98Updated last year