ACL abuse swiss-knife
☆127Feb 3, 2023Updated 3 years ago
Alternatives and similar repositories for acltoolkit
Users that are interested in acltoolkit are comparing it to the libraries listed below
Sorting:
- DPAPI looting remotely and locally in Python☆542Oct 7, 2025Updated 4 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆116Jul 17, 2024Updated last year
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 5 months ago
- Tool to remotely dump secrets from the Windows registry☆521Updated this week
- ☆199Aug 28, 2025Updated 6 months ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆672Oct 23, 2025Updated 4 months ago
- AD ACL abuse☆389Sep 11, 2025Updated 5 months ago
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆440Jan 4, 2025Updated last year
- ☆383Jan 19, 2023Updated 3 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆113Feb 13, 2022Updated 4 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆483Jul 9, 2024Updated last year
- Identify the attack paths in BloodHound breaking your AD tiering☆326Nov 6, 2022Updated 3 years ago
- A (partial) Python rewriting of PowerSploit's PowerView☆1,100Updated this week
- Rusty Impersonate☆105Oct 15, 2025Updated 4 months ago
- A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…☆398Aug 2, 2023Updated 2 years ago
- Async Python library to parse local and remote disk images.☆82Jul 11, 2025Updated 7 months ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆418Jan 27, 2024Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆730Sep 3, 2025Updated 6 months ago
- Repository contains psexec, which will help to exploit the forgotten pipe☆172Nov 5, 2024Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 2 months ago
- Fileless Command Execution for Lateral Movement in Nim☆389Dec 12, 2023Updated 2 years ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆928Jul 26, 2021Updated 4 years ago
- OPSEC safe Kerberoasting in C#☆198Jun 14, 2022Updated 3 years ago
- Partial python implementation of SharpGPOAbuse☆525Nov 9, 2025Updated 3 months ago