Stars
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
Avalonia-based .NET Decompiler (port of ILSpy)
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
RunasCs - Csharp and open version of Windows builtin runas.exe
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…
C# implementation of harmj0y's PowerView
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
StandIn is a small .NET35/45 AD post-exploitation toolkit
Exploit for EfsPotato (MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privilege escalation vulnerability).
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC