PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

A list of public penetration test reports published by several consulting firms and academic security groups.

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

The Network Execution Tool

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

OSWE, OSEP, OSED, OSEE

Privilege Escalation Enumeration Script for Windows

Various *nix tools built as statically-linked binaries

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

This repo contains some Amsi Bypass methods i found on different Blog Posts.

BloodyAD is an Active Directory Privilege Escalation Framework

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

OSINT Tool: Generate username lists for companies on LinkedIn

Kerberos relaying and unconstrained delegation abuse toolkit

Penelope Shell Handler

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

RunasCs - Csharp and open version of windows builtin runas.exe

Username tools for penetration testing

Wordlists for creating statistically likely username lists for use in password attacks and security testing

Writing custom backdoor payloads with C# - Defcon 27 Workshop

Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀

Latest CVEs with their Proof of Concept exploits.