Beacon Object File for LDAP Queries Through ADWS

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)

Script collection to bypass Network Access Control (NAC, 802.1x)

SharePoint Sensitive File Hunter for Authorized Penetration Testing

Purple Team Exercise Framework

.NET CLR-Stomping

CTF kernel exploitation notes, PoCs, exploits, and writeups.

A BOF to create a scheduled task using a COM object.

Create local administrators with the SAMR API (lowest-level technique). Implemented in C#, Crystal, Python and Rust

World's simplest ROR13 generator

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

A simple Python parser for Junos configuration files that extracts subnet information.

OpenGraph Collector for Tailscale

A simple parser that converts Cobalt Strike session reports from PDF to Excel format

Beacon Object File to Enable Chrome DevTools Protocol (CDP)

Windows Privilege Escalation

A tool to parse snaffler output.

Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler

Parses Snaffler output file and generate beautified outputs.

NFS share secret and credential finder

Async BOF for NTLMv2 Hash Snooping from ETW

BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation

Parse, filter, and export Snaffler output.

tool for enumeration & bulk download of sensitive files found in SharePoint environments

A Rust template for writing Beacon Object Files (BOFs)

Bof of RegPwn by MDSec

kerberos in rust for fun and profit