dev0x41's repositories
AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
Azure-App-Tools
Collection of tools to use with Azure Applications
combobulator
Dependency Combobulator
CVE-2021-40444
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
CVE-2024-21413
Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
Get-UserSession
Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, whether Active or Disconnected
gscript
framework to rapidly implement custom droppers for all three major operating systems
Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
MicroBurst
A collection of scripts for assessing Microsoft Azure security
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
o365enum
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
o365spray
Username enumeration and password spraying tool aimed at Microsoft O365.
P4wnP1_aloa
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
pico-tpmsniffer
A simple, very experimental TPM sniffer for LPC bus
pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
pwnagotchi
(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
Pyramid
a tool to help operate in EDRs' blind spots
pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud.
TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
UltimateWDACBypassList
A centralized resource for previously documented WDAC bypass techniques