🥷🏻🔴Red Team
Bypass AMSI and Defender using Ordinal Values
Attack and defend Active Directory using modern post-exploitation adversary tradecraft activity
Notion as a platform for offensive operations
This project aims to compare and evaluate the telemetry of various EDR products.
Small and highly portable detection tests based on MITRE's ATT&CK.
The ultimate WinRM shell for hacking/pentesting
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
PowerShell framework to assess Azure security
Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb
Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
Openwsman server implementation and client API with bindings
A (partial) Python rewriting of PowerSploit's PowerView
Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
Killer is a simple tool designed to bypass AV/EDR security tools using various evasive techniques.
Tools & Interesting Things for RedTeam Ops
Hide DLL / Hide Module / Hide Dynamic Link Library
Custom Query list for the BloodHound GUI based off my cheatsheet