Lists (1)
Starred repositories
LPE: BackupOperator to Domain Admin Active Directory Proof of Concept
Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Hacking WordPress Plugins - Authenticated Shell Upload, by compromising admin console and upload a malicious plugin with PHP (reverse shell code)
A webshell plugin and interactive shell for pentesting a WordPress website.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments
getsystem via parent process using ps1 & embeded c#
Another Windows Local Privilege Escalation from Service Account to System
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
Apache CloudStack is an opensource Infrastructure as a Service (IaaS) cloud computing platform
Critical Remote Code Execution Vulnerability (CVE-2018-11776) Found in Apache Struts.
redis 4.x/5.x master/slave getshell module
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.
An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity
Extract JavaScript source trees from Sourcemap files
POC for Roundcube vulnerabilities CVE-2024-42008 and CVE-2024-42010
byebyeAV is a tool created by @amroes which bypassed the latest version at the time of windows defender, Sophos and Kaspersky