Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

A tool to view and extract the contents of an Windows Installer (.msi) file.

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

StandIn is a small .NET35/45 AD post-exploitation toolkit

Modifying SweetPotato to support load shellcode and webshell

A tool to help query AD via the LDAP protocol

Windows protocol library, including SMB and RPC implementations, among others.

DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).

修改的SweetPotato，使之可以用于CobaltStrike v4.0

A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses …

Registry permission scanner written in C# for finding potential privesc avenues within registry

A Custom CLR Assembly for MSSQL of the popular tool GodPotato

Find jmp gadgets for call stack spoofing.

Tool to bypass LSA Protection (aka Protected Process Light)

SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate to your listener over SMB or HTTP.