Lists (1)
Stars
💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp…
BloodyAD is an Active Directory Privilege Escalation Framework
OSINT Tool: Generate username lists for companies on LinkedIn
Kerberos relaying and unconstrained delegation abuse toolkit
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
Wordlists for creating statistically likely username lists for use in password attacks and security testing. Used for pentesting for over 10 years with amazing results.
Latest CVEs with their Proof of Concept exploits.
Python version of the C# tool for "Shadow Credentials" attacks
firepwd.py, an open source tool to decrypt Mozilla protected passwords
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
Partial python implementation of SharpGPOAbuse
AV/EDR evasion via direct and indirect system calls Windows NT 3.1 through Windows 11 24H2 · x64 · x86 · WoW64 · ARM64
Lists who can read any gMSA password blobs and parses them if the current user has access.
Execute commands interactively on remote Windows machines using the WinRM protocol (just faster)
Proof-of-concept tools for my AD Forest trust research
2018 School project - PoC of malware code obfuscation in Word macros
HTML parser for PEAS output with additional features
Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service loaders, set descriptions, and run them on demand.
generate payloads that force authentication against an attacker machine
Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.
Active Directory Certificate Services (ADCS) enumeration library with BloodHound CE v6 export support