Recover the default privilege set of a LOCAL/NETWORK SERVICE account

Some random tools I use for penetration testing

Privilege Escalation Enumeration Script for Windows

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

A VBA implementation of the RunPE technique or how to bypass application whitelisting.

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

An open-source post-exploitation framework for students, researchers and developers.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Scanner for CVE-2020-0796 - SMBv3 RCE

In motherland, target network calls you!

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provi…

The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.

Trying to tame the three-headed dog.

Quake VR mod supporting room-scale movement, hand interactions, and melee attacks.

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

A native backdoor module for Microsoft IIS (Internet Information Services)

Fast and easy script to manage pentesting training apps

Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.

Fake Windows logon screen to steal passwords

Pwn stuff.

[CVE-2019-14615] iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU

CVE-2020-0601 #curveball - Alternative Key Calculator

PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE