Tool for Active Directory Certificate Services enumeration and abuse

Awesome EDR Bypass Resources For Ethical Hacking

Q3VM - Single file (vm.c) bytecode virtual machine/interpreter for C-language input

A fast TCP/UDP tunnel over HTTP

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

game of active directory

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain ba…

Web path scanner

Cross-Platform Android Remote Administration Tool | Official maintained repository for the AhMyth R.A.T Project | A dedicated revival of the original repository at https://GitHub.com/AhMyth/AhMyth-…

A GPT-empowered penetration testing tool

Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

Burp Suite AMF Extension

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called A…

Python scripts to manage Chia plots and drive space, providing full reports. Also monitors the number of chia coins you have. Auto Drive helps to automate the addition of new hard drives to your sy…

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A list of ways to execute code on Windows using legitimate Windows tools

A Tool for Domain Flyovers

OSCP cheatsheet

Red Teaming Tactics and Techniques

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)

CVE-2019-0708-exploit