Lists (9)
Stars
Tools for discovery and abuse of COM hijacks
Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …
A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing …
Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format
Ps-Tools, an advanced process monitoring toolkit for offensive operations
Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
Position Independent Windows Shellcode Written in C
Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
Beacon Object File (BOF) for dumping certificates (and, when possible, private keys) on Windows
The Phish is the Bait. Identify security infrastructure by deploying intentionally suspicious links that bait scanners and blue teams. Fingerprints automated systems to optimize your actual campaig…
The Shelf is a repository containing various tools, exploits, and scripts that I’ve gathered over the years. These are small but useful utilities for hacking, automation, and configurations that di…
A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.
Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
tool for requesting Entra ID's P2P certificate and authenticating remote Entra joinned devices with it
a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain
JJK96 / Certipy
Forked from ly4k/CertipyTool for Active Directory Certificate Services enumeration and abuse
MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomain. The extensions UI popup highlights any misconfigurations…
Certified Red Team Operator (CRTO) Cheatsheet and Checklist
Tools and Techniques for Red Team / Penetration Testing
Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does