Farbs's repositories
defarbs.github.io
The official GitHub site for Farbs!
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
dompdf-exploit
Exploit for systems running dompdf 0.6.0 or lower. Tested on version 0.6.0 as well as all 0.6.0 beta versions.
A-Red-Teamer-diaries
Red_teaming/Pentesting notes and experiments for a real world engagements
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
chomp-scan
A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
code-snippets
Various code snippets
CrackMapExec
A swiss army knife for pentesting networks
dearg-thread-ipc-stealth
A novel technique to communicate between threads using the standard ETHREAD structure
domained
Multi Tool Subdomain Enumeration
GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
OSCP-Exam-Report-Template
Modified template for the OSCP Exam. Used it during my passing attempt
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Platypus
:hammer: A modern multiple reverse shell sessions manager written in go
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
ROPgadget
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
ropstar
Automatic exploit generation for simple linux pwn challenges.
sherlock
🔎 Find usernames across social networks
stego-toolkit
Collection of steganography tools - helps with CTF challenges
T.D.P
Using Thread Description To Hide Shellcode
THRecon
Threat Hunting Reconnaissance Toolkit
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
windapsearch
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries