Windows Privilege Escalation from User to Domain Admin.

Pipeleak is a tool designed to scan GitLab job output logs and artifacts for secrets.

oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning

A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens

SpecterOps Presentations

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A BOF that runs unmanaged PEs inline

a Docker + Kubernetes network trouble-shooting swiss-army container

possibly useful tools for the Internet (including dnscheck.tools and myaddr.tools)

Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies

Parses Snaffler output file and generate beautified outputs.

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

DES Rainbow Table Online Phase

RunasCs - Csharp and open version of windows builtin runas.exe

BloodyAD is an Active Directory Privilege Escalation Framework

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Ap…

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.

Analyze HTTP and DNS requests and create custom DNS records for your subdomain

Privacy and security baseline for personal Windows 10 and Windows 11

An Arduino sketch for the Adafruit SCD4X and SCD-30 CO2 sensor running on an ESP32 with an http server.

Windows Application Attack Surface Analyzer

Data Exfiltration via WebSerial

ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

Veil Evasion is no longer supported, use Veil 3.0!

Probe a rendering engine for vulnerabilities and other features

A Windows potato to privesc