🤖 The Modern Port Scanner 🤖

linikatz is a tool to attack AD on UNIX

linikatz is a tool to attack AD on UNIX

A collection of useful tools and scripts were developed and gathered throughout the Offensive Security's PEN-300 (OSEP) course.

C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.

Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for complex T-SQL queries.

Audit and pentest methodologies for Linux including internal enumeration, privesc, lateral movement, etc.

AutoMSF is a Python script designed for fast generation and deployment of multiple types of Meterpreter reverse_https payloads. Created to aid in OSEP challenges and exams, it generates C#, EXE, VB…

Active directory Attacks and Scripts

Forked and customised enum tool for pentesters.

Python version of the C# tool for "Shadow Credentials" attacks

The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencies.

MacroPhantom automates the process of generating XOR+Caesar encrypted shellcode and embedding it into VBA macros for Microsoft Office documents. The tool streamlines the workflow for security profe…

Directory Services Internals (DSInternals) PowerShell Module and Framework

Collection of Beacon Object Files (BOF) for Cobalt Strike

Lists who can read any gMSA password blobs and parses them if the current user has access.

Dumping all keys from a keytab file

Modified Risk-Based Matrix for Red Team Assessment

Perfect DLL Proxying using forwards with absolute paths.

Backport of SliverStager to work with DotNetToJScript for vba

Dump the memory of a PPL with a userland exploit

This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users…

ASPX ShellCode Loader

AspXVenom automates the process of generating encoded shellcode and embedding it into ASPX webshells, providing a smooth workflow for penetration testers during security assessments. The tool is sp…

Offensive Security OSCP+, OSEP, OSWP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA, OSIR, OSTH Exam and Lab Reporting / Note-Taking Tool

BOF to manage Active Directory Integrated DNS (ADIDNS)

LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.