Pinned Repositories
BlueGate
PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
CallbackHell
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
CurveBall
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
Pachine
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
PassTheChallenge
Recovering NTLM hashes from Credential Guard
PrintNightmare
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
SMBGhost
Scanner for CVE-2020-0796 - SMBv3 RCE
SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
ly4k's Repositories
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
ly4k/PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
ly4k/CurveBall
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
ly4k/SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
ly4k/SMBGhost
Scanner for CVE-2020-0796 - SMBv3 RCE
ly4k/CallbackHell
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
ly4k/PassTheChallenge
Recovering NTLM hashes from Credential Guard
ly4k/Pachine
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
ly4k/BlueGate
PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
ly4k/PrintNightmare
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
ly4k/PetitPotam
Python implementation for PetitPotam
ly4k/BloodHound
Fork of BloodHound with PKI nodes and edges for Certipy along with some minor personal improvements
ly4k/Pypykatz
Modified version of Pypykatz to print encrypted credentials
ly4k/Impacket
Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
ly4k/ldap3
Fork of LDAP3 supporting channel binding