Alternative Twitter front-end

Twitch VOD/Clip Downloader - Chat Download/Render/Replay

RottenPotato local privilege escalation from service account to SYSTEM

TweeterPy is a python library to extract data from Twitter. TweeterPy API lets you scrape data from a user's profile like username, userid, bio, followers/followings list, profile media, tweets, etc.

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

PrintNightmare (CVE-2021-34527) PoC Exploit

Azure Security Resources and Notes

This repo covers some code execution and AV Evasion methods for Macros in Office documents

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Obfuscate specific windows apis with different apis

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

Windows Pentest Scripts

Linux enumeration tool for pentesting and CTFs with verbosity levels

windows-kernel-exploits Windows平台提权漏洞集合

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

My musings with PowerShell

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

MSDAT: Microsoft SQL Database Attacking Tool

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

Privilege Escalation Enumeration Script for Windows

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

A little tool to play with Windows security

Identifies the bytes that Microsoft Defender flags on.

Mimikatz implementation in pure Python