Certipy. Tool for Active Directory Certificate Services enumeration and abuse
3.6kPwnKit. Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
1.3kCurveBall. PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
888SpoolFool. Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
793SMBGhost. Scanner for CVE-2020-0796 - SMBv3 RCE
717CallbackHell. Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
479PassTheChallenge. Recovering NTLM hashes from Credential Guard
385Pachine. Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
276BlueGate. PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
249PetitPotam. Python implementation for PetitPotam
225PrintNightmare. Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
210BloodHound. Fork of BloodHound with PKI nodes and edges for Certipy along with some minor personal improvements
161Pypykatz. Modified version of Pypykatz to print encrypted credentials
56Impacket. Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
20ldap3. Fork of LDAP3 supporting channel binding
9