rootsecdev

Azure-Red-Team

Azure Security Resources and Notes

Microsoft-Blue-Forest

Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers

OSCP

OSCP Study Guide

Presentations

Presentations from Conferences

CVE-2023-46604

Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)

Powershell-Repository

Collection of useful powershell scripts

reverse_shells

Interesting Reverse Shell Repository

badodf

Creates a malicious ODF document help leak NetNTLM Creds

CTF_Exploits

Various Custom Scripts for CTF's

adfsbrute

A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.

Anti-Virus-Evading-Payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

EntraIDPasskeyHelper

PowerShell module to manage the Entra ID device-bound passkey feature

Evilginx2-Phishlets

Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

Office365itpros

Office 365 for IT Pros PowerShell examples

PowerShell-Obfuscation-Bible

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.

Azure_Workshop

badPods

A collection of manifests that will create pods with elevated privileges.

family-of-client-ids-research

Research into Undocumented Behavior of Azure AD Refresh Tokens

hackinglz

Kubernetes

Kubernetes Pentesting Repo

onedrive_user_enum

onedrive user enumeration - pentest tool to enumerate valid o365 users

PDFBrute

Quick and Dirty Python script for brute forcing PDF's.

Remove-StaleGuests

This script removes stale Azure AD Guest accounts.

SharpWSUS

Sparrow

Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

TokenTactics

Azure JWT Token Manipulation Toolset

weberp

Weberp 4.15 Blind SQL Injection Exploit

Wordlists

Custom Wordlists for bruteforce and password hash cracking