SeemantBisht's repositories
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
aws-waf-security-automation
Amazon WAF Security Automation deployment (modular with Terraform)
bta
Open source Active Directory security audit framework.
caldera
An automated adversary emulation system
cascade-server
CASCADE Server
Cheats
Various Cheat Sheets
CredKing
Password spraying using AWS Lambda for IP rotation
DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
DeathStar
Automate getting Domain Admin using Empire (https://github.com/EmpireProject/Empire)
DomainCheck
DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.
domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
goddi
goddi (go dump domain info) dumps Active Directory domain information
Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
Remediation-kits
For Implementing CIS Controls in Different Operating Systems
Scout2
Security auditing tool for AWS environments
webshell
This is a webshell open source project