  • Stars
    1,515
  • Rank 30,761 (Top 0.7 %)
  • Language
    C#
  • Created over 4 years ago
  • Updated 8 months ago

Repository Details

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

SweetPotato

A collection of various native Windows privilege escalation techniques from service accounts to SYSTEM

SweetPotato by @_EthicalChaos_
  Orignal RottenPotato code and exploit by @foxglovesec
  Weaponized JuciyPotato by @decoder_it and @Guitro along with BITS WinRM discovery
  PrintSpoofer discovery and original exploit by @itm4n
  EfsRpc built on EfsPotato by @zcgonvh and PetitPotam by @topotam
  -c, --clsid=VALUE          CLSID (default BITS:
                               4991D34B-80A1-4291-83B6-3328366B9097)
  -m, --method=VALUE         Auto,User,Thread (default Auto)
  -p, --prog=VALUE           Program to launch (default cmd.exe)
  -a, --args=VALUE           Arguments for program (default null)
  -e, --exploit=VALUE        Exploit mode
                               [DCOM|WinRM|EfsRpc|PrintSpoofer(default)]
  -l, --listenPort=VALUE     COM server listen port (default 6666)
  -h, --help                 Display this help

More Repositories

1. SharpBlock
   A method of bypassing EDR's active projection DLLs by preventing entry point execution
   C#, 1,079 stars

2. BeaconEye
   Hunts out CobaltStrike beacons and logs operator command output
   C#, 852 stars

3. ThreadlessInject
   Threadless Process Injection using remote function hooking.
   C#, 692 stars

4. BOF.NET
   A .NET Runtime for Cobalt Strike's Beacon Object Files
   C, 639 stars

5. lsarelayx
   NTLM relaying for Windows made easy
   C++, 521 stars

6. Volumiser
   C#, 324 stars

7. MirrorDump
   Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
   C#, 257 stars

8. okta-terrify
   Okta Verify and Okta FastPass Abuse Tool
   C#, 249 stars

9. MinHook.NET
   A C# port of the MinHook API hooking library
   C#, 196 stars

10. goreflect
    Reflective DLL loading of your favorite Golang program
    C, 162 stars

11. SylantStrike
    Simple EDR implementation to demonstrate bypass
    C, 149 stars

12. gssapi-abuse
    A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks
    Python, 131 stars

13. PIVert
    C#, 99 stars

14. dnMerge
    A lightweight .NET assembly dependency merger that uses dnLib and 7zip's LZMA SDK for compressing dependent assemblies.
    C#, 98 stars

15. PinSwipe
    Smart Card PIN swiping DLL
    C, 71 stars

16. gookies
    A Chrome cookie dumping utility
    Go, 47 stars

17. PwnyForm
    C#, 41 stars

18. ProvisionAppx
    C#, 35 stars

19. bittrex4j
    Java library for accessing the Bittrex Web APIs and Web Sockets
    Java, 32 stars

20. PoC
    Exploit PoC for CVEs and non-CVEs alike
    Python, 23 stars

21. Jboss-Wilfly-Hashes-to-Hashcat
    Converts JBoss/Wildfly management users properties file to hashcat format compatible with mode 20
    Python, 12 stars

22. VulnHub
    VulnHub Walkthroughs
    Python, 4 stars

23. MediaPortal-AsteriskCid
    C#, 1 star