- somewhere in time
Stars
A BurpSuite extension that allows you to use Chromium with PwnFox
Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment
crypt0rr / pack
Forked from Hydraze/pack
PACK (Password Analysis and Cracking Kit) (Python 3 fork + bug fixes)
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
An enterprise friendly way of detecting and preventing secrets in code.
coffeegist / bofhound
Forked from fortalice/bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
BOF to steal browser cookies & credentials
Decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface bypassing path validation and encryption protections.
Simple Windows desktop application for viewing & querying Apache Parquet files
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
Gogh is a collection of color schemes for various terminal emulators, including Gnome Terminal, Pantheon Terminal, Tilix, and XFCE4 Terminal; also compatible with iTerm on macOS.
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supporte…
This small utility retrieves from the CommonCrawl data set unique subdomains for a given domain name.
Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machines
Convert an LDIF file to JSON files ingestible by BloodHound
Chameleon: A tool for evading Proxy categorisation
Proof-of-concept obfuscation toolkit for C# post-exploitation tools