Curtis Houghton's repositories
Penetration-Testing-Cheat-Sheet
A guide to help people who are new to penetration testing and are looking to gain an overview of the penetration testing process. This guide will help anyone hoping to take the CREST CRT or Offensive Security's OSCP exam and will aim to cover each stage of compromising a host.
CallstackSpoofingPOC
C++ self-injecting dropper based on various EDR evasion techniques.
.NetConfigLoader
.NET config loader
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
Amnesiac
Amnesiac is a post-exploitation framework written entirely in PowerShell and designed to assist with lateral movement within Active Directory environments.
C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
Caro-Kann
Encrypted shellcode injection to avoid kernel-triggered memory scans
Certify
Active Directory certificate abuse.
CVE-2024-21762
Out-of-bounds write vulnerability in Fortinet FortiOS (CVE-2024-21762)
cve-ss-poc
A signal handler race condition in OpenSSH's server (sshd)
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
GhostDriver
Yet another AV killer tool using BYOVD
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
LinikatzV2
Linikatz is a tool to attack AD on UNIX
Nimperiments
Various one-off pentesting projects written in Nim. Updates happen on a whim.
Penetration-List
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.
PenetrationTesting_Notes-
My Notes about Penetration Testing
pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
ProcessStomping
A variation of ProcessOverwriting to execute shellcode on an executable's section
PyPhisher
Easy to use phishing tool with 77 website templates. Author is not responsible for any misuse.
pywhisker
Python version of the C# tool for "Shadow Credentials" attacks
rengine
reNgine is an automated reconnaissance framework.
SharpUp
SharpUp is a C# port of various PowerUp functionality.
SimpleEDR
Simple EDR that injects a DLL into a process to place a hook on specific Windows API
ThreadlessInject-C
This repository implements Threadless Injection in C
wordlists
Real-world infosec wordlists, updated regularly