pdolinic's repositories
ContainYourself
A POC of the ContainYourself research presented at DEF CON 31, which abuses the Windows containers framework to bypass EDRs.
DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
ansible-collection-elasticstack
A collection to install and manage the Elastic Stack
amass
In-depth attack surface mapping and asset discovery
certmitm
A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
CVE-2023-4911
CVE-2023-4911 proof of concept
dfir-toolkit
CLI tools for forensic investigation of Windows artifacts
dnsaudit
A command-line utility for auditing DNS configuration using Zonemaster API
domain_audit
Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
dumpscan
Finding secrets in kernel and user memory
ghidralligator
Ghidralligator is a C++ multi-architecture pcode emulator based on the Ghidra libsla, designed for fuzzing with AFL++
gpt-llm-trainer
llama2 gpt llm trainer
Havoc
The Havoc Framework
headerpwn
A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers
kubekey
Install Kubernetes/K3s only, both Kubernetes/K3s and KubeSphere, and related cloud-native add-ons. It supports all-in-one, multi-node, and HA 🔥 ⎈ 🐳
LdrLockLiberator
For when DLLMain is the only way
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Nightmangle
Nightmangle Telegram C2
noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
NtRemoteLoad
Remote Shellcode Injector
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
pywerview
A (partial) Python rewriting of PowerSploit's PowerView
rift
Rift: an AI-native language server for your personal AI software engineer
sliver
Adversary Emulation Framework
SQLRecon
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
Supernova
shellcode encryption
Xray-core
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.