/precompiled-binaries

Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments

Primary LanguagePowerShell

Precompiled Binaries & AD Toolset

Collection of useful tools, scripts and pre-compiled binaries for enumerating and exploiting Active Directory environments or standalone Windows hosts. All binaries listed in this repository have either been downloaded from the official release page or compiled from the official source code using Visual Studio.

Table of Contents

Disclaimer

ONLY use for ethical purposes and against targets that you are permitted to attack!

Contents

Enumeration

Name Description Download
SharpHound Active directory enumeration and visualization https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpHound.exe
Seatbelt Windows host enumeration https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/Seatbelt.exe
SharpUp Privilege Escalation Checks https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpUp.exe
winPEAS Windows host enumeration https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/winPEAS.exe
SharpView C# Port of PowerView.ps1 https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpView.exe
NoPowerShell Execute PowerShell cmdlets in memory https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/NoPowerShell.exe

Active Directory Exploitation

Name Description Download
Rubeus Kerberos ticket attacks and abuse https://github.com/jakobfriedl/precompiled-binaries/raw/main/Rubeus.exe
Whisker Shadow Credential attacks https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/Whisker.exe
ADFSDump Dump information from ADFS to be used with ADFSpoof https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/ADFSDump.exe
SharpSCCM Interaction with SCCM for lateral movement https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/SharpSCCM.exe
SpoolSample Coerce Authentication for Unconstrained Delegation https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/SpoolSample.exe
RunasCS C# Implementation of the runas command for lateral movement with valid credentials (not stealthy) https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/RunasCs.exe
ADModule Microsoft Signed DLL for importing the AD Module https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/ADModule.dll

Credential Gathering

Name Description Download
mimikatz Credential dumping and ticket attacks https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/mimikatz.exe
SharpDPAPI Credential gathering https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpDPAPI.exe
SharpChrome Credential gathering (specifically from Chrome) https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpChrome.exe
SharpKatz C# Port of mimikatz https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpKatz.exe
SharpLAPS Dump LAPS passwords https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpLAPS.exe
BetterSafetyKatz Run latest mimikatz in memory https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/BetterSafetyKatz.exe
GMSAPasswordReader Dump GMSA passwords https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/GMSAPasswordReader.exe

Local Privilege Escalation

Name Description Download
PrintSpoofer Token Impersonation, SeImpersonatePrivilege https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/PrintSpoofer64.exe
NetworkServiceExploit Token Impersonation, SeImpersonatePrivilege https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/NetworkServiceExploit.exe
GodPotato Token Impersonation, SeImpersonatePrivilege https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/GodPotato.exe
JuicyPotato Token Impersonation, SeImpersonatePrivilege https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/JuicyPotato.exe
SharpEfsPotato Token Impersonation, SeImpersonatePrivilege https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/SharpEfsPotato.exe

GPO Abuse

Name Description Download
SharpGPO Group Policy modification and editing https://github.com/jakobfriedl/precompiled-binaries/blob/main/GPOAbuse/SharpGPO.exe
SharpGPOAbuse Group Policy exploitation and abuse https://github.com/jakobfriedl/precompiled-binaries/raw/main/GPOAbuse/SharpGPOAbuse.exe

Certificate Abuse

Name Description Download
Certify Certificate abuse and enumeration https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/Certify.exe
PassTheCert Certificate abuse https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/PassTheCert.exe
ForgeCert Certificate forging https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/ForgeCert.exe

Azure AD Abuse

Name Description Download
ADSyncDecrypt Extract and decrypt Azure AD credentials https://github.com/jakobfriedl/precompiled-binaries/raw/main/AzureAD/ADSyncDecrypt.exe
AzureAD_Decrypt_MSOL Dump and extract Azure AD credentials https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/AzureAD_Decrypt_MSOL.ps1

Scripts

Name Description Download
PowerView Enumeration https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerView.ps1
Powermad MachineAccountQuota and DNS Exploitation https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/Powermad.ps1
Inveigh MitM Attacks & Spoofing https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/Inveigh.ps1
PowerUp Windows Privilege Escalation https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerUp.ps1
PowerUpSQL SQL Server Enumeration and Exploitation https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerUpSQL.ps1