M1ddl3w4r3's repositories
CobaltStrikeParser
Parse cobalt strike beacons
Evilginx-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
Gat
Golang Access Tool
Hak5Devices
Custom versions of Public Hak5Device scripts and tools.
KISS
Kali Setup Script
ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Base-Install-Scripts
Hosting location for Win10 New machine image
bbot
A recursive internet scanner for hackers.
BloodHound.py
A Python based ingestor for BloodHound
CrackMapExec
A swiss army knife for pentesting networks
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
evilginx
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
GOAD
game of active directory
gophish
Open-Source Phishing Toolkit
koth_simulator
A simulation of the RFCTF KOTH game.
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
PSpersist
Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell process is created, the implant will be executed too.
Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
SharpShares
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
ultimate-nmap-parser
parse nmap files
update-golang
update-golang is a script to easily fetch and install new Golang releases with minimum system intrusion
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
wacker
A WPA3 dictionary cracker
Wi-Fun101
Wifi Workshop on the Basics
wifi_db
Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes, MGT identities, interesting relations between APs, clients and it's Probes, WPS information and a global view of all the APs seen.