ongyuann's repositories
365Inspect
A PowerShell script that automates the security assessment of Microsoft Office 365 environments.
ai-exploits
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
ASPJinjaObfuscator
Heavily obfuscated ASP web shell generation tool.
bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
business-ctf-2024
Official writeups for Business CTF 2024: The Vault Of Hope
ChromeKatz
Dump cookies directly from Chrome process memory
conditional-love
An AWS metadata enumeration tool by Plerion
Damn-Vulnerable-RESTaurant-API-Game
Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.
dev-tunnels
Dev Tunnels SDK
DV_NEW
This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
gMSADumper
Lists who can read any gMSA password blobs and parses them if the current user has access.
HEVD-Exploit-Win10-22H2-KVAS
HEVD Exploit - Bypassing KVA Shadow and SMEP on Windows 10 22H2
how2heap
A repository for learning various heap exploitation techniques.
ldapnomnom
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
LOLBASline
Baseline a Windows System against LOLBAS
Magicmida
Themida unpacker
Office365-REST-Python-Client
Microsoft 365 & Microsoft Graph Library for Python
PPLDescribe
Tool for obtaining information about PPL processes
Process_Ghosting
Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by a file. This is an evasion technique.
python-o365
A simple python library to interact with Microsoft Graph and Office 365 API
red
red team tips and trix
Rubeus
Trying to tame the three-headed dog.
searchbins
Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.
SharpView
C# implementation of harmj0y's PowerView
WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model