This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

A python script to automatically dump files and source code of a Symfony server in debug mode.

A webshell plugin and interactive shell for pentesting a SweetRice website.

Multithreaded spraying of a password on all accounts of a domain.

A webshell application and interactive shell for pentesting Apache Tomcat servers.

A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.

A script to factorize integers with sagemath and factordb.

A python script to force authentication using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 65).

A python script to check if URLs are allowed or disallowed by a robots.txt file.

A template of C++ code to call a Remote Procedure on a windows machine to coerce an authentication

Extract all users from an Active Directory domain with password last set older than X days to an Excel worksheet.

Monitor 802.11 probe requests from a capture file or network sniffing!

A python script to filter by filename and download PDS images.

A webshell plugin and interactive shell for pentesting a Moodle instance.

A Python script to list valid emails of GSuite accounts.

A Python script to create an administrator account on Joomla! 1.6/1.7/2.5 using a privilege escalation vulnerability

This Python script can enumerate all URLs present in robots.txt files, and test whether they can be accessed or not.

A Python script to download PDB files associated with a Portable Executable (PE)

GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.

A python tool to parse and describe the SDDL string.

A script to automatically dump all URLs present in /server-status to a file locally.

A Docker-based environment for building Go projects.

A Python tool to simulate keyboard typing when copy-paste functionality is unavailable, with both CLI and GUI modes.

A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

List accounts with Service Principal Names (SPN) not linked to active dns records in an Active Directory Domain.

A python script to dump files and folders remotely from a Windows SMB share.

Extract all users from an Active Directory domain to an Excel worksheet.

A python module to explore the object tree to extract paths to interesting objects in memory.

This repository contains a list of python scripts to work with Microsoft RPC for research purposes.