From 46524f3ac1769e835440125706d1826c5b273b20 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Wed, 15 Sep 2021 10:02:05 +0700
Subject: [PATCH] Add: EspressoCake/Toggle_Token_Privileges_BOF to Privilege
 Escalation section

---
 Offensive.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Offensive.md b/Offensive.md
index 600bf19..fb1e561 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -957,6 +957,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/eloypgz/certi">eloypgz/certi</a></td>
         <td>Utility to play with ADCS, allows to request tickets and collect information about related objects. Basically, it's the impacket copy of Certify. Thanks to @harmj0y and @tifkin_ for its great work with ADCS.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/EspressoCake/Toggle_Token_Privileges_BOF">EspressoCake/Toggle_Token_Privileges_BOF</a></td>
+        <td>Syscall BOF to arbitrarily add/detract process token privilege rights.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/GhostPack/ForgeCert">GhostPack/ForgeCert</a></td>
         <td>ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory.</td>