Stars
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to
A Python based ingestor for BloodHound
World's fastest and most advanced password recovery utility
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Compiled executables for @splinter_code and @decoder_it's TcbElevation
Spreadsheet with vulnerabilities from OWASP's WSTG and ASVS
JNDI-Exploitation-Kit (A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps v…
A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.
Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)
Checklist of the most important security countermeasures when designing, testing, and releasing your API
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
Collection of malleable payloads and tools that will bypass AMSI, Windows Defender, and self-signed certificate checks.
Pure C++, weaponized, fully automated implementation of RottenPotatoNG
Sticky notes for pentesting, bug bounty, CTF.
EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.
Useful scripts to exploit Hack The Box retired machines/challenges
Collection of scripts used to convert stuff from one penetration testing collaborative platform to another and facilitate the migration of solution
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
The repo contains scripts helpful in solving CTFs
Latest CVEs with their Proof of Concept exploits.
Arsenal is just a quick inventory and launcher for hacking programs