Stars
Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.
AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.
SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.
Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analysis in Neo4j, offering an alternative approach to tools like …
A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objects, risky assignments, and potential misconfigurations.
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Just another Powerview alternative but on steroids
tool for enumeration & bulk download of sensitive files found in SharePoint environments
BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language ins…
Claude MCP server to perform analysis on ROADrecon data
🛰️ Represent any GraphQL API as an interactive graph
Obtain GraphQL API schema even if the introspection is disabled
peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.
Active Directory Mindmap Recipes: A Compromise à la Carte
ClatScope Info Tool – The best and most versatile OSINT utility for retrieving geolocation, DNS, WHOIS, phone, email, data breach information and much more (70+ features). Perfect for investigators…
Worlds First Public POC for CVE-2025-1974
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
Pattern recognition for hosts, services, and content
FBI Watchdog is an OSINT tool that monitors domain seizures and DNS record changes in real time, alerting users to law enforcement takedowns and other DNS modifications.
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the password can be changed by Blue Team.
InvokeADCheck is a PowerShell module designed to evaluate the security of Active Directory environments.
A simple page to generate TOTP for peer authentication in the post-truth world
.NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
This repo is about Active Directory Advanced Threat Hunting