Added sAMAccountName Spoofing techniques and tools

README.md

@@ -62,6 +62,10 @@ This document was designed to be a useful, informational asset for those looking
 
 ## Privilege Escalation
 
+### sAMAccountName Spoofing
+* [sAMAccountName spoofing](https://www.thehacker.recipes/ad/movement/kerberos/samaccountname-spoofing)
+* [CVE-2021-42287/CVE-2021-42278 Weaponisation](https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html)
+
 ### Abusing Active Directory Certificate Services
 * [Certified Pre-Owned](https://posts.specterops.io/certified-pre-owned-d95910965cd2)
 
@@ -377,7 +381,9 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c
 * [Stormspotter](https://github.com/Azure/Stormspotter) - Stormspotter creates an “attack graph” of the resources in an Azure subscription.
 * [AADInternals](https://github.com/Gerenios/AADInternals) - AADInternals is PowerShell module for administering Azure AD and Office 365
 * [MicroBurst: A PowerShell Toolkit for Attacking Azure](https://github.com/NetSPI/MicroBurst) - MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. 
-
+* [sam-the-admin](https://github.com/WazeHell/sam-the-admin) - Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
+* [CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.](https://github.com/cube0x0/noPac) - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. Yet another low effort domain user to domain admin exploit.
+* 
 ## Ebooks
 * [The Dog Whisperer’s Handbook – A Hacker’s Guide to the BloodHound Galaxy](https://www.ernw.de/download/BloodHoundWorkshop/ERNW_DogWhispererHandbook.pdf)
 * [Varonis eBook: Pen Testing Active Directory Environments](https://www.varonis.com/blog/varonis-ebook-pen-testing-active-directory-environments/)