Stars
DiffRays is a research-oriented tool for binary patch diffing, designed to aid in vulnerability research, exploit development, and reverse engineering.
Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows Filtering Platform (WFP).
Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
Microsoft-signed ActiveDirectory PowerShell module
Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
Reports on Driver, LSASS and other security services mitigations
Enhance Your Active Directory Password Spraying with User Intelligence.
Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.
Privilege Escalation Enumeration Script for Windows
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up-to-date.
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
These are different types of download cradles, intended as inspiration for experimenting with and creating new download cradles that bypass AV/EPP/EDR download-cradle detections.
Abuses the Reddit API to carry C2 traffic; since most blue-team members use Reddit, it may be a good way to make the traffic look legitimate.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Extra cmdlets to help with querying security-related information from Azure
A little tool to play with Windows security