Stars
Python version of the C# tool for "Shadow Credentials" attacks
Analysis and exploitation of an use-after-free in ProFTPd
SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate to your listener over SMB or HTTP.
for offensive security OSEP certification.
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
An MCP for WireShark (tshark). Empower LLM's with realtime network traffic analysis capability
smbclient-ng, a fast and user friendly way to interact with SMB shares.
Centralized resource for listing and organizing known injection techniques and POCs
Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data
Active Directory pentesting mind map
List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point.
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
📚 Collaborative cheatsheets for console commands
Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
Feed reader (podcast player and also Gemini protocol client) which supports RSS/ATOM/JSON and many web-based feed services.
For pentesters who don't wanna leave their terminals.
Tips and tricks for working with Large Language Models like OpenAI's GPT-4.
clif is a command-line interface (CLI) application fuzzer, pretty much what wfuzz or ffuf are for web. It was inspired by sudo vulnerability CVE-2021-3156 and the fact that for some reasons, Google…