Windows Privilege Escalation Techniques and Scripts

Responder Windows Version Beta

Trying to tame the three-headed dog.

Impacket is a collection of Python classes for working with network protocols.

Tool for Active Directory Certificate Services enumeration and abuse

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.

Generates millions of keyword-based password mutations in seconds.

Collection of Beacon Object Files (BOF) for Cobalt Strike

Recovering NTLM hashes from Credential Guard

The smallest possible complete Windows application

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Convert Cobalt Strike profiles to modrewrite scripts

Perform MiTM attack and remove encryption on Windows Remote Registry Protocol.

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.

NT230 Malware Modus Operandi Labs

Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0, SMB 2.1 and SMB 3.0 server and client library

a small CLI app that allows infected users to get the correct key, you can also decrypt & encrypt files.