Stars
Windows Precision Touchpad Driver Implementation for Apple MacBook / Magic Trackpad
Just another Powerview alternative but on steroids
Assortment of scripts and tools for our Blackhat EU 2024 talk
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…
Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
A BloodHound collector for Microsoft Configuration Manager
Tool to extract username and password of current user from PanGPA in plaintext
Complete list of LPE exploits for Windows (starting from 2023)
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify services, categorizing them into Email, Cloud, Security, and…
Zero shot vulnerability discovery using LLMs
This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Content Repo for Demystifying KQL Tutorial Series
Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
Retrieve and display information about active user sessions on remote computers. No admin privileges required.
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
Cortex XDR Config Extractor