offsecguy

0

followers

following

stars

offsecguy's starred repositories

GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

Language:CMIT43400

PowerAssembly

Map remote .NET assemblies to memory for further invocation.

Language:PowerShell3800

ntlm_theft

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Language:PythonGPL-3.091900

Farmer

Language:C#33400

CVE-2023-23397-POC-Powershell

Language:PowerShell33900

Sandboxie

Sandboxie Plus & Classic

Language:CGPL-3.01304100

Spartacus

Spartacus DLL/COM Hijacking Toolkit

Language:C#MIT96400

macro_pack

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

Language:PythonApache-2.0207400

PowerShdll

Run PowerShell with rundll32. Bypass software restrictions.

Language:C#MIT173000

RasmanPotato

Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do

Language:C36100

NetLoader

Loads any C# binary in mem, patching AMSI + ETW.

Language:C#77000

AutoRecon

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Language:PythonGPL-3.0494300

pwndoc

Pentest Report Generator

Language:JavaScriptMIT212300

ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Language:C++GPL-2.04112600

BloodHound-Tools

Collection of tools that reflect the network dimension into Bloodhound's data

Language:PythonApache-2.043200

adidnsdump

Active Directory Integrated DNS dumping by any authenticated user

Language:PythonMIT88300

Powermad

PowerShell MachineAccountQuota and DNS exploit tools

Language:PowerShellBSD-3-Clause116800

StandIn

StandIn is a small .NET35/45 AD post-exploitation toolkit

Language:C#67400

SpoolSample

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

Language:C#BSD-3-Clause87800

SharpPrinter

Discover Printers

Language:C#BSD-3-Clause16500

SharpOxidResolver

IOXIDResolver from AirBus Security/PingCastle

Language:C#NOASSERTION4400

SharpHound

C# Data Collector for BloodHound

Language:C#GPL-3.066300

SharpExec

Language:C#34600

SCShell

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

Language:C137200

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

Language:C#NOASSERTION222600

mimikatz

Language:YARA117800

Lockless

Lockless allows for the copying of locked files.

Language:C#NOASSERTION22400

Inveigh

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Language:C#BSD-3-Clause244600

Internal-Monologue

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Language:C#136700

Group3r

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

Language:C#GPL-3.063700