Bring your own print driver privilige escalation tool

Active Directory certificate abuse.

"Golden" certificates

Template-Driven AV/EDR Evasion Framework

Password spraying and bruteforcing tool for Active Directory Domain Services

ScareCrow - Payload creation framework designed around EDR bypass.

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

A list of vulnerabilities or design flaws Microsoft does not intend to fix. Since the number is growing, I decided to make a list.

Exploit allowing you to read registry hives as non-admin

A little tool to play with Windows security

Windows memory hacking library

PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.

Defences against Cobalt Strike

LoadLibrary for offensive operations

Alternative Shellcode Execution Via Callbacks

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

Automation for internal Windows Penetrationtest / AD-Security

Offensive tools written for practice purposes

Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.

Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.

Dump the memory of a PPL with a userland exploit

Proof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893.

Ubuntu OverlayFS Local Privesc