#
Lists (2)
Starred repositories
A framework built on top of Burp's Python Scripter extension.
Bash Script to automate install of AWUS036ACH Wireless Alfa drivers instead of manually running every command. Works on Kali Linux/Debian Systems
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints thr…
Tool for Active Directory Certificate Services enumeration and abuse
A PowerShell module for exporting, importing, removing, permissioning, publishing Active Directory Certificate Templates. It also includes a DSC resource for creating AD CS templates using these fu…
SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
xforcered / SoaPy
Forked from logangoins/SoaPySoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
extract remote timestamp from hping3 icmp replies
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
reNgine-ng is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuo…
Detect msDS-KeyCredentialLink Changes
8
Updated Jun 19, 2024
Tools for interacting with authentication packages using their individual message protocols
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
This script will enable you to reset the krbtgt account password and related keys while minimizing the likelihood of Kerberos authentication issues being caused by the operation.
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Standalone binaries for Linux/Windows of Impacket's examples
You can combine multiple Nessus reports into a single file.
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
missing0x00 / configmgr-cryptderivekey-hashcat-module
Forked from MWR-CyberSec/configmgr-cryptderivekey-hashcat-moduleHashcat module that can crack a password used to derive an AES-128 key with CryptDeriveKey from CryptoAPI
Server for Squeezebox and compatible players. This server is also called Lyrion Music Server.
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️