AzureRT - A Powershell module implementing various Azure Red Team tactics

Active Directory and Internal Pentest Cheatsheets

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

Multi-Cloud Security Auditing Tool

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Download your Spotify playlists and songs along with album art and metadata (from YouTube if a match is found).

Easy 802.1Q VLAN Hopping

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server

Userspace NFS client shell

CVE-2009-2698 compiled for CentOS 4.8

Script for pentest

A fast TCP/UDP tunnel over HTTP

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

SMB Spider is a lightweight python utility for searching SMB/CIFS/Samba file shares. While performing a penetration test, the need to search hundreds of hosts for sensitive password files resulted …

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

A swiss army knife for pentesting networks

active directory query tool using LDAP Protocol , helps red teamer / penetration testers to validate users credentials , retrieve information about AD users , AD groups

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

Adversary Emulation Framework

A PoC backdoor that uses Gmail as a C&C server

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

zerosum0x0's Koadic

Notes, red team materials, testing tools, etc.

The exploit code is the software or program that attempts to exploit a known vulnerability.

My Personal OSCP Notes