A modern, fast, and pentester-friendly NFS client built for red teams, security researchers, and anyone who wants full control over remote NFS exports — without needing to mount them.

windows-kernel-exploits Windows平台提权漏洞集合

linux-kernel-exploits Linux平台提权漏洞集合

Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.

A Linux Privilege Escalation cheat sheet I made prepping for the OSCP that has mophored into the most comprehensive, specific Linux PrivEsc reference online : )

A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities

Just another Powerview alternative but on steroids

A Kerberos implementation built entirely in managed code.

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

Trying to tame the three-headed dog.

Set of tools to analyze Windows sandboxes for exposed attack surface.

A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, Exchange and Windows Update.

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

Impack-only implementation of WinRM protocol with support for NTLM and Kerberos auth

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

Tool for Active Directory Certificate Services enumeration and abuse

Tools for Kerberos PKINIT and relaying to AD CS

Impacket is a collection of Python classes for working with network protocols.

Offensive Security Web Assessor Resources Repo

A little tool to play with Windows security

A repository that contains various splunk queries for threat hunting, a basic introduction to formating splunk queries, a General Purpose Splunk query language cheatsheet and a helpful references f…

The SpecterOps project management and reporting engine

Harness the power of Splunk for your investigations

Various notes I have compiled during the OSEP PEN-300 course.

Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking

Whitebox source code review cheatsheet (Based on AWAE syllabus)

grep rough audit - source code auditing tool

Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound