1d8's starred repositories
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
vulnerable-AD-plus
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
pen-testing-findings
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.
Starkiller
Starkiller is a Frontend for PowerShell Empire.
vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
awesome-bloodhound
A curated list of awesome BloodhoundAD resources
eJPTv2-Notes
Penetration Testing Student version 2 simple condensed NOTES for quick recap
OSCP-MarkdownReportingTemplates
Markdown reporting templates and Pandoc styling references to generate sleek reports for OSCP/PWK with little effort.
OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
eJPT-Notes
Collection of notes to prepare for the eLearnSecurity eJPT certification exam.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
firmware-mod-kit
Automatically exported from code.google.com/p/firmware-mod-kit
BananaPhone
It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)
inflate.py
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
pentest-pivoting
A compact guide to network pivoting for penetration testings / CTF challenges.