Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

Find leaked secrets via github search

Tools & Interesting Things for RedTeam Ops

Extract credentials from lsass remotely

Notes about attacking Jenkins servers

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

This project aims to compare and evaluate the telemetry of various EDR products.

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

New generation of wmiexec.py

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Send phishing messages and attachments to Microsoft Teams users

c++ fully undetected shellcode launcher ;)

Active Directory Integrated DNS dumping by any authenticated user

ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

A python script to scan for Apache Tomcat server vulnerabilities.

CVE-2023-38831 winrar exploit generator

Invisible network protocol sniffer

metame is a metamorphic code engine for arbitrary executables

RCE 0-day for GhostScript 9.50 - Payload generator

Python3 o365 User Enumeration Tool

morphHTA - Morphing Cobalt Strike's evil.HTA

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound

Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.

In-depth ldap enumeration utility

Analyse your malware to surgically obfuscate it

Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()