Set of tools to analyze Windows sandboxes for exposed attack surface.

RunasCs - Csharp and open version of windows builtin runas.exe

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

Search tool to find specific files containing specific words, i.e. files containing passwords..

A tool to help query AD via the LDAP protocol

Windows protocol library, including SMB and RPC implementations, among others.

Retrieve LAPS password from LDAP

Chromium Cookie import / export tool

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.

Execute .Net assemblies using Rundll32.exe

Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal

Dump Citrix Secure Access auth cookie from the process memory

PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-3435

A sample project for ITaskHandler using C# and a corresponding project template for Visual Studio.