Lists (32)
AD Certificate Services (ADCS)
Blockchain
Bug Bounty
Capture The Flag (CTF)
Conference Materials
Crypto Attacks
CTF
CVE
Entra ID (Azure AD)
IOS
Lang-Go
Language-Go
Learning
Mainframe
NewGen Unix CLI Tools
OSINT
pwn
Radio Frequency
Remote Procedure Calls (RPC)
Research
Reverse Engineering
SMB
Steganography
Synthesizers
Trainings
Virtualization
Web
Web shells
Windows Active Directory
Windows exploitation
Windows Post-Exploitation
Wordlists
Stars
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Directory Services Internals (DSInternals) PowerShell Module and Framework
Run PowerShell with rundll32. Bypass software restrictions.
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
PoCs and tools for investigation of Windows process execution techniques
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
Dump Azure AD Connect credentials for Azure AD and Active Directory
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
A language where the code is written with folders
Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
PoC to coerce authentication from Windows hosts using MS-WSP
A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses …