Retrieve host information from NTLM
☆32Feb 4, 2021Updated 5 years ago
Alternatives and similar repositories for ntlm-info
Users that are interested in ntlm-info are comparing it to the libraries listed below
Sorting:
- Kerberos protocol attacker☆139Feb 1, 2021Updated 5 years ago
- A quick and dirty way to bypass encrypted EPA to connect to a NetScaler Gateway☆20Oct 11, 2019Updated 6 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- ☆26Nov 8, 2024Updated last year
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 9 months ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆40Oct 6, 2021Updated 4 years ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- ☆44Jul 9, 2024Updated last year
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆130Oct 10, 2021Updated 4 years ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆44Nov 29, 2024Updated last year
- Utility to inject honey tokens into lsass.☆28Feb 7, 2017Updated 9 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆143Mar 9, 2024Updated 2 years ago
- OPSEC safe Kerberoasting in C#☆198Jun 14, 2022Updated 3 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- Rust port of kdmapper☆22Aug 24, 2021Updated 4 years ago
- ☆16Dec 7, 2025Updated 3 months ago
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications☆22Mar 28, 2025Updated 11 months ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 3 months ago
- Rust bindings for VMProtect.☆28Mar 8, 2024Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A script used to query the dehashed API and filter for more useful results☆16Jun 20, 2021Updated 4 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"☆22Oct 12, 2025Updated 4 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Local SYSTEM auth trigger for relaying☆168Jul 22, 2025Updated 7 months ago
- DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replicat…☆29Apr 26, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Rust For Windows Cheatsheet☆121Nov 26, 2025Updated 3 months ago
- Load dll with undocumented functions and debug symbols☆47Jul 20, 2024Updated last year
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated 2 years ago
- ☆33Feb 13, 2026Updated 3 weeks ago