David B.'s repositories
SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
certsync
Dump NTDS with golden certificates and UnPAC the hash
Chisel-Strike
A .NET XOR-encrypted Cobalt Strike aggressor implementation for chisel to utilize faster proxy and advanced SOCKS5 capabilities.
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
CVE-2022-1388_PoC
F5 BIG-IP RCE exploitation (CVE-2022-1388)
DeepPass
Hunting for passwords with deep learning
dissect
This project is a meta package, it will install all other Dissect modules with the right combination of versions.
Egress-Assess
Egress-Assess is a tool used to test egress data detection capabilities
GitFive
🐙 Track down GitHub users.
HandleKatz
PIC lsass dumper using cloned handles
Kernelhub
🌴 Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (privilege escalation vulnerability collection)
Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
PersistenceSniper
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE backdooring. You feed it your implant, it does a lot of sneaky things and spits out an obfuscated executable.
RustHound
Active Directory data collector for BloodHound written in Rust. 🦀
ScheduleRunner
A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations
windows-coerced-authentication-methods
A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.