Stars
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
A little tool to play with Windows security
John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
Small and highly portable detection tests based on MITRE's ATT&CK.
windows-kernel-exploits: a collection of privilege escalation vulnerabilities for the Windows platform
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
A tool to dump the login password from the current Linux user
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Simple (relatively) things allowing you to dig a bit deeper than usual.
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and re…
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Abusing impersonation privileges through the "Printer Bug"
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
LSASS memory dumper using direct system calls and API unhooking.
Dump cookies and credentials directly from Chrome/Edge process memory
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
Another Windows Local Privilege Escalation from Service Account to System
A root exploit for CVE-2022-0847 (Dirty Pipe)