Stars
Abuse trust-boundaries to bypass firewalls and network controls
A tool to test cross-device authentication protocol security
A Certificate Transparency log implementation and monitoring API designed for scalability, ease of operation, and reduced cost.
📮 The free temporary email service powered by Cloudflare
The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
PoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers
RunasCs - Csharp and open version of windows builtin runas.exe
A tool that combines DNS and WHOIS to automatically monitor domain name changes.
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass…
Remote operations commands implemented using Beacon Object Files
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
Automate the creation of a lab environment complete with security tooling and logging best practices
Desktop environment in the browser
c6fc / npk
Forked from Coalfire-Research/npkA mostly-serverless distributed hash cracking platform
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
Event Tracing For Windows (ETW) Resources
Collected and authored guides for personal and operational security.
Connect like there is no firewall. Securely.
Fake Windows logon screen to steal passwords
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
yubikey-agent is a seamless ssh-agent for YubiKeys.
Understand adversary tradecraft and improve detection strategies
SSHPry v2 - Spy & Control os SSH Connected client's TTY
Windows Privilege Escalation from User to Domain Admin.
Scan files or process memory for CobaltStrike beacons and parse their configuration