Stars
LSPatch: A non-root Xposed framework extending from LSPosed
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs
A light-weight first-stage C2 implant written in Nim (and Rust).
Loads a remote AES-encrypted PE into memory, decrypts it and runs it
BC-SECURITY / Empire
Forked from EmpireProject/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A swiss army knife for pentesting networks
A collection of Cobalt Strike Malleable C2 profiles
Obfuscation library based on C++11/14 and metaprogramming
Spray a hash via smb to check for local administrator access
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
Pass the Hash to a named pipe for token Impersonation
A User Impersonation tool - via Token or Shellcode injection
A little scanner to check the LDAP Signing state
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…
Automation for internal Windows Penetration Test / AD-Security
Run PowerShell with rundll32. Bypass software restrictions.
Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.
Awesome note-taking apps for hackers & pentesters!
Starkiller is a Frontend for PowerShell Empire.