- Rio de Janeiro, Brazil
- https://mhsferreira.com
- https://br.linkedin.com/in/matheushferreira
Stars
Impacket-only implementation of WinRM protocol with support for NTLM and Kerberos auth
Capture incoming TGTs in pure PowerShell to avoid using Rubeus
A collection of Azure AD/Entra tools for offensive and defensive security purposes
π RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video.
Proof-of-Concept software for creating inbound AD forest trusts.
An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XLSX + HTML report about your AD domain. Evades EDR detections through ADWS.
Python3 implementation of ADRecon with support for NTLM and Kerberos authentication querying LDAP. Generates individual CSV files and a single XLSX + HTML report about your AD domain.
A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for quick AD enumeration.
Mesumine / SigmaPotato
Forked from tylerdotrar/SigmaPotato
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
🔎 Static code analysis engine to find security issues in code.
Fileless Command Execution for Lateral Movement in Nim
Get fileless command execution for lateral movement.
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
OSINT Tool: Generate username lists for companies on LinkedIn
PoC Exploit for the NTLM reflection SMB flaw.
An OpenCV program that detects faces and displays TikTok cats.
A simple POC that abuses Backup Operator privileges to remotely dump SAM, SYSTEM, and SECURITY
Cheatsheet for the commands learned in Attack and Defense Active Directory Lab
Active Directory Integrated DNS dumping by any authenticated user
StandIn is a small .NET35/45 AD post-exploitation toolkit
Sliver CheatSheet for OSEP
Malicious Macro Generator for LibreOffice/OpenOffice
Bloodhound alternative - simple ingestor. It generates low-level commands to exploit the AD easily and automatically: learn and control every step. It embeds a DSL to generate relationships.
Partial python implementation of SharpGPOAbuse
This repo contains some AMSI bypass methods I found on different blog posts.