xct / rcat
rcat
☆51Updated 2 years ago
Related projects: ⓘ
- ☆47Updated last year
- SeManageVolumePrivilege to SYSTEM☆61Updated 9 months ago
- SeRestorePrivilege to SYSTEM☆71Updated 2 years ago
- PrintNightmare (CVE-2021-34527) PoC Exploit☆102Updated last year
- ☆26Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated 9 months ago
- Python based Bloodhound data converter from the legacy pre 4.1 format to 4.1+ format☆51Updated 2 years ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆117Updated last month
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆164Updated last year
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆74Updated 2 years ago
- Shellcode loader designed for evasion. Coded in Rust.☆104Updated last year
- Tools I use on red team engagements and more☆26Updated 6 months ago
- ☆110Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- Shellcode generation and encoding utility☆21Updated 2 years ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- A Python based ingestor for BloodHound☆81Updated last year
- random code snippets, useful for getting started☆108Updated 2 months ago
- ☆40Updated 2 years ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆71Updated 5 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆131Updated last month
- ☆21Updated 2 weeks ago
- ADCS cert template modification and ACL enumeration☆126Updated last year
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆59Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆104Updated 4 months ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆114Updated 2 months ago
- C# havoc implant☆90Updated last year
- Rust in-memory dumper☆105Updated last year
- Lateral Movement☆117Updated 10 months ago
- ☆87Updated 2 years ago