Trying to tame the three-headed dog.

Covenant is a collaborative .NET C2 framework for red teamers.

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

PingCastle - Get Active Directory Security at 80% in 20% of the time

Identifies the bytes that Microsoft Defender flags on.

Active Directory certificate abuse.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Collection of Offensive C# Tooling

SharpUp is a C# port of various PowerUp functionality.

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

The Hunt for Malicious Strings

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

C# implementation of harmj0y's PowerView

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

PowerShell rebuilt in C# for Red Teaming purposes

A C# Command & Control framework

Framework for Kerberos relaying

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

Kernel mode WinDbg extension and PoCs for token privilege investigation.

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

Sandman is a NTP based backdoor for hardened networks.

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)