Scripts to build a trimmed-down Windows 11 image.

PowerSploit - A PowerShell Post-Exploitation Framework

Six Degrees of Domain Admin

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

game of active directory

A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

PowerShell Obfuscator

Automation for internal Windows Penetrationtest / AD-Security

Privilege Escalation Enumeration Script for Windows

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

PowerShell Pass The Hash Utils

CobaltStrike后渗透测试插件

LSTAR - CobaltStrike 综合后渗透插件

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

Open source C2 server created for stealth red team operations

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

Socks proxy, and reverse socks server using powershell.

Egress-Assess is a tool used to test egress data detection capabilities

Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on

使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。

Collection of PowerShell functions a Red Teamer may use in an engagement