A PoC that combines the AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from the LSASS process. Upload a DLL …

This repository includes two utilities: NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information …
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement and …
This project is a C# tool to use Pass-the-Hash for authentication on a local Named Pipe for user Impersonation. You …
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. Features: Automatically …
Finding all things on-prem Microsoft for password spraying and enumeration. The tool will use a list of common subdomains associated …
This tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can …
BloodyAD is an Active Directory Privilege Escalation Framework. It can be used manually using bloodyAD.py or automatically by combining pathgen.py …
Lsass NTLM Authentication Backdoor. How it Works: First, the DLL is injected into the lsass.exe process, and will begin hooking …
Just another “Won’t Fix” Windows Privilege Escalation from User to Domain Admin. RemotePotato0 is an exploit that allows you to …