kopfjager007's repositories
RegRipper3.0
RegRipper3.0
objection
📱 objection - runtime mobile exploration
SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Modlishka
Modlishka. Reverse Proxy.
proxify
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
Rubeus
Trying to tame the three-headed dog.
BeRoot
Privilege Escalation Project - Windows / Linux / Mac
TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
Certify
Active Directory certificate abuse.
WhatWeb
Next generation web scanner
UACME
Defeating Windows User Account Control
hardcidr
hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime.
S3Scanner
Scan for open S3 buckets and dump the contents
truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
dislocker
FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX
weevely3
Weaponized web shell
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
penelope
Penelope Shell Handler
hashcat-utils
Small utilities that are useful in advanced password cracking
Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
tpm
Tmux Plugin Manager
OffensiveDLR
Toolbox containing research notes & PoC code for weaponizing .NET's DLR
SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient