CVE-2025-14740

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...

Acltoolkit - ACL Abuse Swiss-Knife

acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit -h -debug -hashes LMHASH:NTHASH -no-pass -k -dc-ip ip address -scheme ldap scheme...

LDAP shell - AD ACL Abuse

This repository contains a small tool inherited from ldapshell https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldapshell.py. Installation These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to...

targetedKerberoast - Kerberoast With ACL Abuse Capabilities

targetedKerberoast is a Python script that can, like many others e.g. GetUserSPNs.py, print "kerberoast" hashes for user accounts that have a SPN set. This tool brings the following additional feature: for each user without SPNs, it tries to set one abuse of a write permission on the...