SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.

Cobalt Strike BOF for evasive .NET assembly execution

A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.

A BloodHound collector for Microsoft Configuration Manager

Deserialization payload generator for a variety of .NET formatters

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

Complete list of LPE exploits for Windows (starting from 2023)

Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀

This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.

LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption,…

Extract credentials from lsass remotely

Bypass LSA protection using the BYODLL technique

Decrypt GlobalProtect configuration and cookie files.

Hunting queries and detections

A set of programs for analyzing common vulnerabilities in COM

This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile …

Analyse MSI files for vulnerabilities

Dump cookies and credentials directly from Chrome/Edge process memory

A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.

SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.

实战沉淀字典

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.

AWS Attack Path Management Tool - Walking on the Moon

Beacon Object File & C# project to check LDAP signing

Leak of any user's NetNTLM hash. Fixed in KB5040434

DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).