Azure-Red-Team. Azure Security Resources and Notes
1.8kMicrosoft-Blue-Forest. Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers
271ChromeOS.
61Impacket_Reference.
47OSCP. OSCP Study Guide
42Presentations. Presentations from Conferences
31Microsoft-Security-Baselines. This is a collection of Security Baselines that I use in my virtual lab environment.
23CVE-2023-46604. Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
18reverse_shells. Interesting Reverse Shell Repository
12pyKerbrute. Use python to perform Kerberos pre-auth bruteforcing
12Powershell-Repository. Collection of useful powershell scripts
12Linux-Security. Repository for Linux Security
11Virtual-Smart-Cards. My notes around implementation of virtual smart cards in a hyper-v lab environment. This page is intended on setting up a lab for virtual smart card use.
8RedTeam-OffensiveSecurity. Tools & Interesting Things for RedTeam Ops
6Pentest-Cheatsheets. Python
4SystemNightmare. Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows
4CloudPentestCheatsheets. This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
4EntraIDPasskeyHelper. PowerShell module to manage the Entra ID device-bound passkey feature
3dfunc-bypasser. This tool is for letting you know how strong your disable_functions is and how you can bypass that.
3go-windapsearch. Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
3CTF_Exploits. Various Custom Scripts for CTF's
3Anti-Virus-Evading-Payloads. During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
3SirepRAT. Remote Command Execution as SYSTEM on Windows IoT Core
3GoMapEnum. User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin
3sam-the-admin. Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
3at-ps. Adversary Tactics - PowerShell Training
3CVE-2021-40444. CVE-2021-40444 PoC
3badodf. Creates a malicious ODF document help leak NetNTLM Creds
2windows-php-reverse-shell. Simple php reverse shell implemented using binary .
2Wordlists. Custom Wordlists for bruteforce and password hash cracking
2commando-vm. Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
2ThreatHunter-Playbook. A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
2aad-sso-enum-brute-spray. POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
2cset. Cybersecurity Evaluation Tool
2GraphRunner. A Post-exploitation Toolset for Interacting with the Microsoft Graph API
2RoguePotato. Another Windows Local Privilege Escalation from Service Account to System
2fingerprintjs2.
2Certipy. Python implementation for Active Directory certificate abuse
2Azure_Workshop. HCL
2PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
2azureOutlookC2. Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
2AutoRecon. AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
2Ninja_UUID_Dropper. Module Stomping, No New Thread, HellsGate syscaller, UUID Dropper for x64 Windows 10!
2ResetDomainPasswords.ps1. PowerShell script to generate random passwords (based on a wordlist) and reset passwords of all user accounts in the domain.
2atomic-red-team. Small and highly portable detection tests based on MITRE's ATT&CK.
2CTF-Walkthrough. CTF Walkthrough
2adfsbrute. A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.
1SeRestoreAbuse. SeRestorePrivilege to SYSTEM
1Kubernetes. Kubernetes Pentesting Repo
1weberp. Weberp 4.15 Blind SQL Injection Exploit
1Evilginx2-Phishlets. Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
1PowerShell-Obfuscation-Bible. A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
1DomainPasswordSpray. DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
1GhostPack. Complied .net Binaries for Ghostpack Tools
1rootsecdev.github.io.
1GPG. Guide and scripts on GPG
1PDFBrute. Quick and Dirty Python script for brute forcing PDF's.
1Script-Repository. Useful Scripts
1