Stars
Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.
Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.
Azure Security Resources and Notes
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory environment.
Group Policy Objects manipulation and exploitation framework
This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
Expose the contents of .docx files without leaving your terminal. Fast, safe, and smart — no Office required!
An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.
Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintain stealth and robust OPSEC.
Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries
Egress-Assess is a tool used to test egress data detection capabilities
Collection of Beacon Object Files (BOF) for Cobalt Strike
AdaptixC2 is a highly modular advanced redteam toolkit
Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
An even funnier way to disable windows defender. (through WSC api)
Directory Services Internals (DSInternals) PowerShell Module and Framework
SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.