Lists (12)
Stars
A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objects, risky assignments, and potential misconfigurations.
A tool to remotely and locally extract the encrypted credentials from PDQ Inventory/Deploy.
A cross platform library to write offensive and defensive security tools in Go
Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.
A tool for checking if MFA is enabled on multiple Microsoft Services
LDAP Client and Server API for node.js
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
A New Approach to Directory Bruteforce with WaybackLister v1.0
Beacon Object File (BOF) to obtain Entra tokens via authcode flow.
Exercise writeups from the book Practical Malware Analysis.
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
The Security Toolkit for LLM Interactions
Collection of knowledge about information security
BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potential security holes.
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Fl…
Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.
Cobalt Strike HTTPS beaconing over Microsoft Graph API
A sample of C++ version Chrome native messaging host
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
This code shows how to silently install Web Store extensions on Google Chrome on MacOS