Marek Kovalčík's repositories
ACLight
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
ADModule
Microsoft signed ActiveDirectory PowerShell module
ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
azucar
Security auditing tool for Azure environments
AzureADLateralMovement
Lateral Movement graph for Azure Active Directory
Azurite
Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
DMS-project
Závěrečná práce IT4
FullPowers
Recover the default privilege set of a LOCAL/NETWORK SERVICE account
Invoke-ZeroLogon
Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.
ISJ_projects
ISJ - Scripting Languages
lazy-s3
High level abstraction of s3 functions for lazy programmers.
MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
nerve
NERVE Continuous Vulnerability Scanner
o365creeper
Python script that performs email address validation against Office 365 without submitting login attempts.
o365recon
retrieve information via O365 with a valid cred
OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
PythonSnake
Snake game written in python
s3-buckets-finder
Find aws s3 buckets and extract datas.
Spray
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
zer0dump
Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.