mimikatz

PingCastle - Get Active Directory Security at 80% in 20% of the time

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

记录自己编写、修改的部分工具

Dominate Active Directory with PowerShell.

Credentials gathering tool automating remote procdump and parse of lsass process.

Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!

Red teaming tool to dump LSASS memory, bypassing basic countermeasures.

PowerShell module for Mimikatz

This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callbacks to generate a memory dump of the cloned process

Perform DCSync operation without mimikatz

Python3 script to parse txt files containing Mimikatz output

import pyd or execute PE all from memory using only pure python code and some shellcode tricks

用c#实现了个远程拉取Mimikatz.ps1

PowerShellUtilities provides various utility commandlets.

Bypass国内主流杀软

Invoke-KleptoKitty - Deploys Payloads and collects credentials

Powerful script for logical obfuscation of powershell scripts

Windows10 hardening implemented in powershell for consumer or enterprise deployment

A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates

Script to extract the cached credentials from SSSD, getting Active Directory credentials from Unix systems