xpn / WAMBamLinks
Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
☆124Updated 2 years ago
Alternatives and similar repositories for WAMBam
Users that are interested in WAMBam are comparing it to the libraries listed below
Sorting:
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago
- ☆88Updated 2 years ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- Implant drop-in for EDR testing☆139Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆91Updated 3 weeks ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆91Updated 2 years ago
- Lockless BOF☆73Updated last month
- ☆58Updated 3 years ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Updated last year
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 8 months ago
- ☆70Updated 2 years ago
- ☆94Updated 3 years ago
- ☆88Updated 3 years ago
- ☆110Updated 6 months ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆52Updated last year
- A BOF to interact with COM objects associated with the Windows software firewall.☆103Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆137Updated last year
- Simple BOF to read the protection level of a process☆114Updated 2 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆86Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆94Updated 2 years ago
- Beacon Object File & C# project to check LDAP signing☆189Updated 9 months ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆95Updated 3 years ago
- ☆71Updated last year
- ☆146Updated 2 years ago
- ☆141Updated 3 years ago
- Slide decks and/or materials from conference presentations☆56Updated 2 years ago
- Click Once + App Domain☆62Updated last year
- ☆125Updated last year
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125Updated 3 years ago
- A module for CME that spiders across a domain.☆35Updated 2 years ago