civ-sql-diagnoser

BloodyAD is an Active Directory Privilege Escalation Framework

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

really basic

WG leaflet project for Washington/Seanor

Quickly create functional plugins from simple descriptions, addressing specific needs without unnecessary bloat.

shellcode loader for your evasion needs

An impacket-lite cli tool that combines many useful impacket functions using a single session.

A wiki system with complex functionality for simple integration and a superb interface. Store your knowledge with style: Use django models.

Pentester's Promiscuous Notebook

Welcome to WTFNoPauseVMWare, the repository dedicated to addressing the frustration of unexpected host shutdowns or logoffs in VMware. Have you ever sighed at the absence of an automatic pause feat…

Mimikatz implementation in pure Python

Extract credentials from lsass remotely

DPAPI looting remotely in Python

Private AI platform for agents, assistants and enterprise search. Built-in Agent Builder, Deep research, Document analysis, Multi-model support, and API connectivity for agents.

DPAPI looting remotely and locally in Python

A Crowdsourced Bruteforce Framework

🎨 Terminal color rendering library, support 8/16 colors, 256 colors, RGB color rendering output, support Print/Sprintf methods, compatible with Windows. GO CLI 控制台颜色渲染工具库，支持16色，256色，RGB色彩渲染输出，使用类似于…

It's easy as cake to dump your secrets

Active Directory Integrated DNS dumping by any authenticated user

MFNttps is an always in development collection of tactics, techniques, and procedures that can be exploited by an attacker to bypass local security restrictions. Find the project at https://mfnttps…

Web shell generator and command line interface.

A super small jsp webshell with file upload capabilities.

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

Statically-linked ssh server with reverse shell functionality for CTFs and such

EvilSelenium is a tool that weaponizes Selenium to attack Chromium based browsers.

Browser In The Browser (BITB) Templates

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Reverse SOCKS5 implementation in Go