yanghaoi / LaunchSystemCmdLinks
在权限足够的情况下弹出system权限的cmd命令行,包含exe和dll两种文件类型,可用于一些可能存在本地提权漏洞的测试。
☆33Updated 3 years ago
Alternatives and similar repositories for LaunchSystemCmd
Users that are interested in LaunchSystemCmd are comparing it to the libraries listed below
Sorting:
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22Updated last year
- 密码收集☆58Updated 3 years ago
- ☆49Updated 2 years ago
- Lsass memory dump.☆53Updated last year
- ☆26Updated 2 years ago
- CVE-2020-1472 C++☆83Updated 2 years ago
- Search msDS-AllowedToActOnBehalfOfOtherIdentity☆35Updated 3 years ago
- 批量检查远程桌面密码或ntlm是否正确☆41Updated 4 years ago
- Zerologon自动化脚本☆93Updated last year
- 一个基于DNS隧道的简单C2☆59Updated 3 years ago
- 窃取当前用户的ssh,sudo密码☆69Updated 2 years ago
- c/s网络准入平台☆20Updated 2 years ago
- ☆15Updated 2 years ago
- 利用RPC服务,内网批量探测Windows出网☆14Updated 3 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Updated 4 years ago
- 利用EFSRPC协议批量探测出网☆66Updated last year
- a 'pentest' udf plugin of MySQL.☆36Updated 3 years ago
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆89Updated last year
- 魔改shadowsocks,实现socks5内网穿透。☆62Updated last year
- 使用Csharp实现自动修改注册表键并强制锁屏,使其可被抓取明文密码。☆30Updated 4 years ago
- Windows Api调用,用来绕过杀软添加用户☆22Updated 4 years ago
- kill windows log☆45Updated last year
- ☆34Updated 5 months ago
- PrintSpoofer的反射dll实现,结合Cobalt Strike使用☆88Updated 3 years ago
- CrackMapExec extension module/protocol support☆42Updated last year
- Domain penetration automation module one, domain information collection.☆19Updated 2 years ago
- Asset scanning by dictionary stitching Domain to identify Exchange Servers versions☆44Updated 2 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Updated 2 years ago
- command execute without 445 port☆52Updated 3 years ago
- dump lsass☆37Updated 3 years ago