Beast code in Giters

Charlie Bromberg's starred repositories

awesome-flipperzero

🐬 A collection of awesome resources for the Flipper Zero device.

CC0-1.017298 6320

d2

D2 is a modern diagram scripting language that turns text to diagrams.

Language:GoMPL-2.016071 57 996

rtl_433

Program to decode radio transmissions from devices on the ISM bands (and other frequencies)

Language:CGPL-2.05856 184 1495

ssl-kill-switch2

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.

Language:Objective-CNOASSERTION3002 115 102

Certipy

Tool for Active Directory Certificate Services enumeration and abuse

Language:PythonMIT2195 29 144

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

Language:PowerShellGPL-3.01934 48 7

mentalist

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

Language:PythonMIT1719 42 27

MANSPIDER

Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

Language:PythonGPL-3.0945 21 29

DonPAPI

Dumping DPAPI credz remotely

Language:PythonGPL-3.0830 16 28

SpoolFool

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

Language:C#MIT755 16 10

RustHound

Active Directory data collector for BloodHound written in Rust. 🦀

Language:RustMIT660 8 11

Group3r

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

Language:C#GPL-3.0619 10 10

lsarelayx

NTLM relaying for Windows made easy

Language:C++517 11 2

Max

Maximizing BloodHound. Max is a good boy.

Language:Python483 11 16

LdapRelayScan

Check for LDAP protections regarding the relay of NTLM authentication

Language:PythonMIT433 7 13

goddi

goddi (go dump domain info) dumps Active Directory domain information

Language:GoNOASSERTION428 19 4

GoMapEnum

User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin

Language:GoGPL-3.0418 14 7

powerview.py

Just another Powerview alternative

Language:PythonMIT390 3 6

Vulny-Code-Static-Analysis

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Language:PHPNOASSERTION387 18 3

PyShell

Multiplatform Python WebShell

Language:PythonGPL-3.0279 70

RITM

Roast in the Middle

Language:Python260 10

PetitPotam

Python implementation for PetitPotam

Language:PythonMIT175 4 1

Sharpmad

C# version of Powermad

Language:C#BSD-3-Clause145 70

modifyCertTemplate

ADCS cert template modification and ACL enumeration

Language:Python126 20

CrackHound

Language:Python126 6 2

ctfd-parser

A python script to dump all the challenges locally of a CTFd-based Capture the Flag.

Language:Python122 3 6

Abusing_Weak_ACL_on_Certificate_Templates

Investigation about ACL abusing for Active Directory Certificate Services (AD CS)

118 40

GoldenCopy

Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.

Language:PythonGPL-3.076 2 1

DirSync

DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replication-Get-Changes-In-Filtered-Set.

Language:PowerShellMIT2200

aclpwn.py

Active Directory ACL exploitation with BloodHound

Language:PythonMIT11 10