1. Lsass Dump using Magnet RAM Capture
Go
2. Route.exe to remove connections
Go
3. Tunnel using Visual Studio
Go
6. Lsass Dump using System Informer
Go
7. Enumerating AD with net
Go
8. Enumerating AD with ADSI
Go
11. Enumerate ADCS using Certutil
Go
12. Enumerate ADCS using Windows Registry
Go
13. Find cloud credentials
Go
14. Klist to find tickets
Go
16. Bitlocker Recovery Key without admin privileges
Go
17. List DLLs without GUI
Go
18. SSRF Initial Access
Go
19. Collect files as an APT
Go
21. Free antivirus to kill EDRs
Go
22. MSI Files to evade detections
Go
25. Persistence with apt (Linux)
Go
26. Persistence in profiles (Linux)
Go
27. DNS as a channel for persistence and C2 (Linux)
Go
28. Persistence with rc.local (Linux)
Go
29. Hide users accounts from Windows login
Go
30. Backdoor in command (Linux)
Go