Stars
Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
Network-wide ads & trackers blocking DNS server
Make everyone in your VLAN ASRep roastable
Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!
NucleiFuzzer is a powerful automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc. vulnerabilities in web applications
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
Python tool to check rootkits in Windows kernel
Burp Plugin to Bypass WAFs through the insertion of Junk Data
smbclient-ng, a fast and user friendly way to interact with SMB shares.
A POC to disable TamperProtection and other Defender / MDE components
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
mosesrenegade / PMapper
Forked from nccgroup/PMapper. A tool for quickly evaluating IAM permissions in AWS.
WConsole Extractor is a Python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a Python function that leaks a file content and you have your…
medor is an OSINT tool that enables you to discover a WordPress website IP behind a WAF or behind Onion Services.
Collection of methodology and test case for various web vulnerabilities.
Check robustness of your (their) Active Directory accounts passwords
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
Fully automated Windows credentials dumper, from SAM (classic passwords) and WINHELLO (PINs). Must be run from a Linux machine with a mounted Windows drive.
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Automates the network enumeration process in a fire-and-forget manner, among many more functions. Aims to be the illest Nmap/masscan wrapper alive. Zero effort, zero error network enumeration.
Firepwn is a tool made for testing the Security Rules of a Firebase application.
Automated DLL Sideloading Tool With EDR Evasion Capabilities
LSASS memory dumper using direct system calls and API unhooking.
Automated All-in-One OS Command Injection Exploitation Tool.