Stars
Directory Services Internals (DSInternals) PowerShell Module and Framework
A list of public penetration test reports published by several consulting firms and academic security groups.
Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hooks.
CaptainCredz is a modular and discreet password-spraying tool.
Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP
This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit type coercion
Commit Stomping is a technique in which Git commit timestamps are manipulated to obscure the true timing of changes.
Injecting DLL into LSASS at boot
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
🚀 Code Analysis & Policy as Code for Open Source Software Supply Chain
Windows Privilege Escalation from User to Domain Admin.
A PHP backdoor management and generation tool/C2 featuring end to end encrypted payload streaming designed to bypass WAF, IDS, SIEM systems.
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
An even funnier way to disable windows defender. (through WSC api)
A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
A tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API
A fast and comprehensive tool for organizational network scanning
Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.