From 1e2282041385de5fd4829e753321d59acb8e4970 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Mon, 27 Jun 2022 22:01:10 +0700
Subject: [PATCH] Add: Wh04m1001/DFSCoerce to Credential Access section

---
 Offensive.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Offensive.md b/Offensive.md
index 1e6848a..1c6d0d8 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -2355,6 +2355,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/w1u0u1/minidump">w1u0u1/minidump</a></td>
         <td>Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemory.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/Wh04m1001/DFSCoerce">Wh04m1001/DFSCoerce</a></td>
+        <td>PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot and NetrDfsAddStdRoot (found by @xct_de) methods.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/Wra7h/SharpGhosting">Wra7h/SharpGhosting</a></td>
         <td>Process Ghosting in C#</td>