pwnf's repositories
BofAllTheThings
Creating a repository with all public Beacon Object Files (BoFs)
ChromeKatz
Dump cookies directly from Chrome process memory
cookie-monster
BOF to steal browser cookies & credentials
DDSpoof
DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.
devrelaxdown
Basic obfuscation of davrelayup
DirtyCLR
An App Domain Manager Injection DLL PoC on steroids
DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
FormThief
Spoofing desktop login applications with WinForms and WPF
gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
LDAPWordlistHarvester
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
lofl
Living Off the Foreign Land setup scripts
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
net-creds
Sniffs sensitive data from interface or pcap
ntlm_theft
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
NtlmThief
Extracting NetNTLM without touching lsass.exe
pretender
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Pyramid
a tool to help operate in EDRs' blind spots
ReverseSocks5
Single executable reverse socks5 proxy written in Golang.
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
ThreadlessInject-C
This repository implements Threadless Injection in C