unsigned_sh0rt

Advanced
@garrettfoster13

Security Researcher at @SpecterOps

sccmhunter. SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.

927

pre2k. A tool to query for the existence of pre-windows 2000 computer objects.

391

aced. Python

200

ldap_bofs. Random BOFs for LDAP tradecraft

74

fustercluck. POC tool to abuse windows server failover clusters

56

mssqlkaren. modified mssqlclient from impacket to extract policies from the SCCM database

46

scomhunter. Python

40

wtftp. wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).

34

CVE-2025-59501. CVE-2025-59501 POC code

26

SetZeroSync. Python

14

NotSoSmartDeploy. POC to decrypt SmartDeploy encrypted credentials

12

pre2k-TS. Python

10

ludus_wsfc. An Ansible collection that installs a basic Windows Server Failover Cluster

9

impacket. Impacket is a collection of Python classes for working with network protocols.

4

dplooter. Python

4

smsadmin. Python

3

windows-coerced-authentication-methods. A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

3

cloud-proxy. cloud-proxy creates multiple DO droplets and then starts local socks proxies using SSH

2

adduser. Programmatically create an administrative user under Windows

2

azurejwt. Python

2

BloodHound.py. A Python based ingestor for BloodHound

2

ldap_shell. AD ACL abuse

1

ADGenerator. Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.

1

DefaultCreds-cheat-sheet. One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

1

wmiexec-Pro. New generation of wmiexec.py

1

Misconfiguration-Manager. Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

1

p0wnedShell. PowerShell Runspace Post Exploitation Toolkit

1

PrivescCheck. Privilege Escalation Enumeration Script for Windows

1

md4errors.

1

screen-config.

1
30
Apply