behneyh's starred repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Shhhloader
Syscall Shellcode Loader (Work in Progress)
Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
SpoolSample
PoC tool to coerce Windows hosts to authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
Evilginx2-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + API resolving from TIB + API hashing
threader3000
Multi-threaded Python Port Scanner with Nmap Integration
frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
windows-vs-linux-loader-architecture
Side-by-side comparison of the Windows and Linux (GNU) Loaders
uac-bypass-oneliners
Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.
adiskreader
Async Python library to parse local and remote disk images.
XingDumper
Python 3 script to dump/scrape/extract company employees from XING API
BHCEupload
A small Go tool to upload JSON files to the BloodHound Community Edition API
NimReflectiveLoader
NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.