barakagb

gb-dl

A python based utility to download courses from infosec4tc.teachable.com , academy.ehacking.net and stackskills.com for personal offline use.

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

bloodyAD

BloodyAD is an Active Directory Privilege Escalation Framework

bypass-403

A simple script just made for self use for bypassing 403

CVE-2021-3493

Ubuntu OverlayFS Local Privesc

demiguise

HTA encryption tool for RedTeams

exploit-notes

Sticky notes for pentesting.

FlavorTown

Various ways to execute shellcode

Ghostpack-CompiledBinaries

Compiled Binaries for Ghostpack (.NET v4.0)

kerbrute

A tool to perform Kerberos pre-auth bruteforcing

LaZagne

Credentials recovery project

laZzzy

laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.

Lucifer

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Malware_learns

OffensiveVBA

This repo covers some code execution and AV Evasion methods for Macros in Office documents

OSEP-Code-Snippets

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PCredz

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

penetration-testing-cheat-sheet

Work in progress...

PowerSharpPack

RemotePotato0

Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.

RITM

Roast in the Middle

Rubeus

Trying to tame the three-headed dog.

sam-the-admin

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

sliver

Adversary Emulation Framework

stager_libpeconv

A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading

Villain

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.

Whisker

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合

Windows_LPE_AFD_CVE-2023-21768

LPE exploit for CVE-2023-21768