Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Just another Powerview alternative

NTLMv1 Multitool

Exchange your privileges for Domain Admin privs by abusing Exchange

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

A Python based ingestor for BloodHound

A simple script just made for self use for bypassing 403

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

Use ESC1 to perform a makeshift DCSync and dump hashes

Dump NTDS with golden certificates and UnPAC the hash

Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")

The Network Execution Tool

Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, and Make.

Tool to sign executables

Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory

Identifies the bytes that Microsoft Defender flags on.

Script to retrieve the master password of a keepass database <= 2.53.1

C# tool for UAC bypasses

Defeating Windows User Account Control

Six Degrees of Domain Admin

The modern Java bytecode editor

Veil 3.1.X (Check version info in Veil at runtime)

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Automatic Service Enumeration Script

DCSync Attack from Outside using Impacket

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

Blazing fast, advanced Padding Oracle exploit

Mimikatz implementation in pure Python

Fully asynchronous SMB library written in pure python