Tim McGuffin's repositories
NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
Invoke-Nanodump
HelpSystems Nanodump, but wrapped in PowerShell via Invoke-ReflectivePEInjection
COMDumpster
COM
HelloWorld
.Net 4.0 x64 HelloWorld.exe
vscode-m5stack-mpy
An extension to manage files for the M5Stack MicroPython system
AES-PowerShellCode
Standalone version of my AES PowerShell payload for Cobalt Strike.
ATPMiniDump
Evading WinDefender ATP credential-theft
CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
DLLHijackTest
DLL and PowerShell script to assist with finding DLL hijacks
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
magnifier0day
Windows 10 Privilege Escalation (magnifier.exe) via DLL Search Order Hijacking
nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
ppdump-public
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
PS-Base32EncodeDecode
Base32 Encode and Decode functions in PowerShell
RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
ROADtools
The Azure AD exploration framework.
rubeus2ccache
Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
TokenStomp
C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic