Robert Mckay's repositories
linux-exploit-suggester
Linux privilege escalation auditing tool
sandbox-attacksurface-analysis-tools
Set of tools to analyze and attack Windows sandboxes.
apiExample
An Example of a functional API Build
AutoBlue-MS17-010
This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue
AutoSploit
Automated Mass Exploiter
bfg-repo-cleaner
Removes large or troublesome blobs like git-filter-branch does, but faster. And written in Scala
cloaksec-scripts
Some scripts/helpers I made throughout the PWK/OSCP
dostoevsky-pentest-notes
Read in book form on GitBook
exploitpack
Exploit Pack -The next generation exploit framework
fuzzdb
一个fuzzdb扩展库
java-ldap-ssl-test
This is a small test utility that attempts to connect to an LDAP instance, authenticate a given credential and retrieve attributes. It is very helpful for testing secure connections, LDAPS and certificate configuration.
Meltdown
Meltdown PoC for reading passwords from Google Chrome.
mimikatz
A little tool to play with Windows security
OSCP-2
Collection of things made during my OSCP journey
pentest
:no_entry: offsec batteries included
PenTesting-Scripts
A ton of helpful tools
pipe_finder
Automated script to search in SMB protocol for availables pipe names
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
sail-point-improved
Project for improved SailPoint features
scim
SCIM test with jetty
SpectreExploit
SpectreExploit POC
sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
standalone-docker-sailpoint-iiq
A simple way to deploy SailPoint's IdentityIQ 8.0 into a series of docker containers mimicking the core components of most development environments allowing organizations to get new development team members up on their baseline code in minutes.
tutorials
Just Announced - "Learn Spring Security OAuth":
UACME
Defeating Windows User Account Control
Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. There seems to be a ton of different lists like this, my goal is to include all of them here and include a complete list of commands to use once an OS shell has been established. Contributions are appreciated. Enjoy!