Giters
Nairuz.Abulhul (nairuzabulhul)

nairuzabulhul

Geek Repo

106

followers

109

following

323

stars

Github PK Tool:Github PK Tool

Nairuz.Abulhul's starred repositories

pentest-scripts-2

More miscellaneous, one-off scripts I created while red-teaming and pentesting.

Language:ShellStargazers:2Issues:0Issues:0

RelabelAbuse

Stargazers:1Issues:0Issues:0

MSOLSpray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

Language:PowerShellLicense:MITStargazers:874Issues:0Issues:0

Azure_Workshop

Language:HCLLicense:Apache-2.0Stargazers:609Issues:0Issues:0

Bloodhound-Custom-Queries

Custom Query list for the Bloodhound GUI based off my cheatsheet

Stargazers:716Issues:0Issues:0

EDD

Enumerate Domain Data

Language:C#Stargazers:312Issues:0Issues:0

Red-Team-Infrastructure-Wiki

Wiki to collect Red Team infrastructure hardening resources

License:BSD-3-ClauseStargazers:4024Issues:0Issues:0

offensive-bookmarks

A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.

Language:HTMLLicense:GPL-3.0Stargazers:885Issues:0Issues:0

thewhiteh4t.github.io

thewhiteh4t's Blog

Language:HTMLStargazers:28Issues:0Issues:0

GOAD

game of active directory

Language:PowerShellLicense:GPL-3.0Stargazers:4784Issues:0Issues:0

Supp-truder

Supertruder but better

Language:PythonLicense:MITStargazers:32Issues:0Issues:0

Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

License:GPL-3.0Stargazers:8850Issues:0Issues:0

ADRecon

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Language:HTMLLicense:AGPL-3.0Stargazers:1655Issues:0Issues:0

DeathStar

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Language:PythonLicense:GPL-3.0Stargazers:1573Issues:0Issues:0

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

Language:C#License:NOASSERTIONStargazers:2237Issues:0Issues:0

pentest-book

Stargazers:1508Issues:0Issues:0

pentest-checklist

An accurated list of things to test while pentesting

Stargazers:12Issues:0Issues:0

RedTeam-OffensiveSecurity

Tools & Interesting Things for RedTeam Ops

Language:PythonLicense:MITStargazers:2120Issues:0Issues:0

TREVORspray

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Language:PythonLicense:GPL-3.0Stargazers:1003Issues:0Issues:0

exchange-penetration-testing

The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)

Language:PowerShellLicense:CC0-1.0Stargazers:62Issues:0Issues:0

TCM-Security-Sample-Pentest-Report

Sample pentest report provided by TCM Security

Stargazers:1040Issues:0Issues:0

security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Stargazers:4253Issues:0Issues:0

Today-I-Learnt

Here I track my learnings! ✍🏻 📚

Stargazers:4Issues:0Issues:0

ActiveDirectoryLab

A walkthrough on how I set up Microsoft Server 2019 on a Virtual Machine to run Active Directory on it. I then configure a Domain Controller that will allow me to run a domain. After that I ran a Powershell script to create over 1000 users in Active Directory and log into those newly created accounts on another client that uses the domain I set up to connect to the internet. This lab simulates a business environment.

Language:PowerShellStargazers:45Issues:0Issues:0

DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

Language:PowerShellLicense:MITStargazers:1697Issues:0Issues:0

BadBlood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

Language:PowerShellLicense:GPL-3.0Stargazers:1970Issues:0Issues:0

PSAttack-1

A portable console aimed at making pentesting with PowerShell a little easier.

Language:C#License:MITStargazers:6Issues:0Issues:0

Certify

Active Directory certificate abuse.

Language:C#License:NOASSERTIONStargazers:1431Issues:0Issues:0

Hacking-APIs

Stargazers:342Issues:0Issues:0

LinkedSQL

Tool developed for OSEP exam to aid in exploitation of MS SQL Servers and lateral movement inside of Active Directory.

Language:C#Stargazers:5Issues:0Issues:0