Henshin's starred repositories
CVE-2018-13379
CVE-2018-13379
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
evil-winrm
The ultimate WinRM shell for hacking/pentesting
Dependencies
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot DLL load dependency issues.
SafetyKatz
SafetyKatz is a combination of a slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader.
BinaryInjectionMitigation
Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.
AggressorScripts
Various Aggressor Scripts I've Created.
Aggressor-Scripts
Aggressor scripts for Cobalt Strike
CodeExecutionOnWindows
A list of ways to execute code on Windows using legitimate Windows tools
domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
tactical-exploitation
Modern tactical exploitation toolkit.
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
CobaltStrike-ToolKit
Some useful scripts for CobaltStrike
EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
CredsLeaker
Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
ATTACKdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework