barakagb's repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
bypass-403
A simple script just made for self use for bypassing 403
CVE-2021-3493
Ubuntu OverlayFS Local Privesc
demiguise
HTA encryption tool for RedTeams
exploit-notes
Sticky notes for pentesting.
FlavorTown
Various ways to execute shellcode
Ghostpack-CompiledBinaries
Compiled Binaries for Ghostpack (.NET v4.0)
kerbrute
A tool to perform Kerberos pre-auth bruteforcing
LaZagne
Credentials recovery project
laZzzy
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
penetration-testing-cheat-sheet
Work in progress...
RemotePotato0
Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.
RITM
Roast in the Middle
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
sliver
Adversary Emulation Framework
stager_libpeconv
A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768