David B. (TH3xACE)

Company: @Team B3aT

Location: Somewhere on earth

Twitter: @TH3xACE

David B.'s repositories

SUDO_KILLER

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

Language: Shell | License: MIT | Stargazers: 2156 | Issues: 50 | Issues: 11

EDR-Test

Automating EDR testing with reference to MITRE ATT&CK via Cobalt Strike [Purple Team].

genAvatar

This script was developed to assist in spear-phishing campaigns during Red Team operations. It can be used to generate random names based on country of origin, sex and how common the combination of surname and first name can be.

Language: Shell | License: GPL-3.0 | Stargazers: 11 | Issues: 3 | Issues: 0

Certipy

Tool for Active Directory Certificate Services enumeration and abuse

Language: Python | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

License: Apache-2.0 | Stargazers: 1 | Issues: 0 | Issues: 0

KrbRelay

Framework for Kerberos relaying

Language: C# | Stargazers: 1 | Issues: 0 | Issues: 0

Stormspotter

Azure Red Team tool for graphing Azure and Azure Active Directory objects

Language: Python | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

TeamFiltration

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

Language: C# | License: GPL-3.0 | Stargazers: 1 | Issues: 0 | Issues: 0

asn

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

Language: Shell | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Awesome-CloudSec-Labs

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Stargazers: 0 | Issues: 0 | Issues: 0

certsync

Dump NTDS with golden certificates and UnPAC the hash

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Chisel-Strike

A .NET XOR-encrypted Cobalt Strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.

Language: C# | Stargazers: 0 | Issues: 0 | Issues: 0

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Language: Python | License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0
Language: C# | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Coercer

A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2022-1388_PoC

F5 BIG-IP RCE exploitation (CVE-2022-1388)

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

DeepPass

Hunting for passwords with deep learning

License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0

dissect

This project is a meta package, it will install all other Dissect modules with the right combination of versions.

Language: Python | License: AGPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Egress-Assess

Egress-Assess is a tool used to test egress data detection capabilities

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

GitFive

🐙 Track down GitHub users.

Language: Python | License: MPL-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

HandleKatz

PIC lsass dumper using cloned handles

Language: C | Stargazers: 0 | Issues: 0 | Issues: 0

Kernelhub

🌴 Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (collection of privilege escalation vulnerabilities)

Language: C | License: AGPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Mangle

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

Language: Go | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

PayloadsAllTheThings

A list of useful payloads and bypasses for Web Application Security and Pentest/CTF

Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

PersistenceSniper

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.

Language: PowerShell | License: CC0-1.0 | Stargazers: 0 | Issues: 0 | Issues: 0

PetitPotam

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Language: C | Stargazers: 0 | Issues: 0 | Issues: 0

ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

RustHound

Active Directory data collector for BloodHound written in Rust. 🦀

Language: Rust | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

ScheduleRunner

A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations

Language: C# | Stargazers: 0 | Issues: 0 | Issues: 0

windows-coerced-authentication-methods

A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0