Alternative Twitter front-end

Twitch VOD/Clip Downloader - Chat Download/Render/Replay

RottenPotato local privilege escalation from service account to SYSTEM

TweeterPy is a python library to extract data from Twitter. TweeterPy API lets you scrape data from a user's profile like username, userid, bio, followers/followings list, profile media, tweets, etc.

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

PrintNightmare (CVE-2021-34527) PoC Exploit

DKMC - Dont kill my cat - Malicious payload evasion tool

Azure Security Resources and Notes

This repo covers some code execution and AV Evasion methods for Macros in Office documents

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Obfuscate specific windows apis with different apis

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

Windows Pentest Scripts

Linux enumeration tool for pentesting and CTFs with verbosity levels

Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities

windows-kernel-exploits Windows平台提权漏洞集合

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

My musings with PowerShell

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

MSDAT: Microsoft SQL Database Attacking Tool

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

Privilege Escalation Enumeration Script for Windows

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.