Precompiled Binaries & AD Toolset

Collection of useful tools, scripts and pre-compiled binaries for enumerating and exploiting Active Directory environments or standalone Windows hosts. All binaries listed in this repository have either been downloaded from the official release page or compiled from the official source code using Visual Studio.

Disclaimer

ONLY use for ethical purposes and against targets that you are permitted to attack!

	Name	Description	Download
★	SharpHound	Active directory enumeration and visualization	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpHound.exe
	Seatbelt	Windows host enumeration	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/Seatbelt.exe
	SharpUp	Privilege Escalation Checks	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpUp.exe
	winPEAS	Windows host enumeration	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/winPEAS.exe
	SharpView	C# Port of PowerView.ps1	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/SharpView.exe
★	NoPowerShell	Execute PowerShell cmdlets in memory	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Enumeration/NoPowerShell.exe

Active Directory Exploitation

	Name	Description	Download
★	Rubeus	Kerberos ticket attacks and abuse	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Rubeus.exe
	Whisker	Shadow Credential attacks	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/Whisker.exe
	ADFSDump	Dump information from ADFS to be used with ADFSpoof	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/ADFSDump.exe
★	SharpSCCM	Interaction with SCCM for lateral movement	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/SharpSCCM.exe
	SpoolSample	Coerce Authentication for Unconstrained Delegation	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/SpoolSample.exe
★	RunasCS	C# Implementation of the runas command for lateral movement with valid credentials (not stealthy)	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/RunasCs.exe
	ADModule	Microsoft Signed DLL for importing the AD Module	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Specific/ADModule.dll

Credential Gathering

	Name	Description	Download
	mimikatz	Credential dumping and ticket attacks	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/mimikatz.exe
	SharpDPAPI	Credential gathering	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpDPAPI.exe
★	SharpChrome	Credential gathering (specifically from Chrome)	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpChrome.exe
	SharpKatz	C# Port of mimikatz	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpKatz.exe
	SharpLAPS	Dump LAPS passwords	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/SharpLAPS.exe
	BetterSafetyKatz	Run latest mimikatz in memory	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/BetterSafetyKatz.exe
	GMSAPasswordReader	Dump GMSA passwords	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Credentials/GMSAPasswordReader.exe

Local Privilege Escalation

	Name	Description	Download
	PrintSpoofer	Token Impersonation, SeImpersonatePrivilege	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/PrintSpoofer64.exe
	NetworkServiceExploit	Token Impersonation, SeImpersonatePrivilege	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/NetworkServiceExploit.exe
	GodPotato	Token Impersonation, SeImpersonatePrivilege	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/GodPotato.exe
	JuicyPotato	Token Impersonation, SeImpersonatePrivilege	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/JuicyPotato.exe
★	SharpEfsPotato	Token Impersonation, SeImpersonatePrivilege	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Token/SharpEfsPotato.exe

GPO Abuse

	Name	Description	Download
	SharpGPO	Group Policy modification and editing	https://github.com/jakobfriedl/precompiled-binaries/blob/main/GPOAbuse/SharpGPO.exe
	SharpGPOAbuse	Group Policy exploitation and abuse	https://github.com/jakobfriedl/precompiled-binaries/raw/main/GPOAbuse/SharpGPOAbuse.exe

Certificate Abuse

Name	Description	Download
Certify	Certificate abuse and enumeration	https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/Certify.exe
PassTheCert	Certificate abuse	https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/PassTheCert.exe
ForgeCert	Certificate forging	https://github.com/jakobfriedl/precompiled-binaries/raw/main/CertificateAbuse/ForgeCert.exe

Azure AD Abuse

	Name	Description	Download
	ADSyncDecrypt	Extract and decrypt Azure AD credentials	https://github.com/jakobfriedl/precompiled-binaries/raw/main/AzureAD/ADSyncDecrypt.exe
★	AzureAD_Decrypt_MSOL	Dump and extract Azure AD credentials	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/AzureAD_Decrypt_MSOL.ps1

Scripts

	Name	Description	Download
★	PowerView	Enumeration	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerView.ps1
★	Powermad	MachineAccountQuota and DNS Exploitation	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/Powermad.ps1
	Inveigh	MitM Attacks & Spoofing	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/Inveigh.ps1
	PowerUp	Windows Privilege Escalation	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerUp.ps1
	PowerUpSQL	SQL Server Enumeration and Exploitation	https://github.com/jakobfriedl/precompiled-binaries/raw/main/Scripts/PowerUpSQL.ps1

About

Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments

Languages

Language:PowerShell 100.0%

babywyrm / precompiled-binaries