5M7X's repositories
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
clash
A rule-based tunnel in Go.
clash-verge
A Clash GUI based on tauri. Supports Windows, macOS and Linux.
Cloud-Security-Attacks
Azure and AWS Attacks
cloudfox
Automating situational awareness for cloud penetration tests.
Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
DumpThatLSASS
Dumping LSASS by unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus functions and strings obfuscation. It contains anti-sandbox; if you run it under a virtual machine, you need to uncomment the code related to it and recompile.
Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
eviltree
A Python 3 remake of the classic "tree" command with the additional feature of searching for user-provided keywords/regex in files, highlighting those that contain matches.
ExecRemoteAssembly
Execute Remote Assembly with args passing and with AMSI and ETW patching
FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
fzf
🌸 A command-line fuzzy finder
HandleKatz
PIC lsass dumper using cloned handles
Havoc
The Havoc Framework
impersonate
A Windows token impersonation tool
JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
kc7
A cybersecurity game in Azure Data Explorer
Masky
Python library with a CLI for remotely dumping domain user credentials via ADCS without dumping the LSASS process memory
nanodump
A crappy LSASS dumper with no ASCII art
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
ps4-exploit-host
Easy Exploit Hosting
RustHound
Active Directory data collector for BloodHound written in Rust. 🦀
ShadowSpray
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
SharpGmailC2
Our friendly Gmail will act as the server, and the implant will exfiltrate data via SMTP and read commands from the C2 (Gmail) via the IMAP protocol
trufflehog
Find credentials all over the place