tothi's repositories
rbcd-attack
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
dll-hijack-by-proxying
Exploiting DLL Hijacking by DLL Proxying Super Easily
ad-honeypot-autodeploy
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.
serviceDetector
Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
stager_libpeconv
A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
log4shell-vulnerable-app
A Basic Java Application Vulnerable to the Log4Shell RCE
azure-function-proxy
basic proxy as an azure function serverless app
malicious-service
Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
steganography
Simple C++ Image Steganography tool to encrypt and hide files insde images using Least-Significant-Bit encoding.
DeviceGuardBypasses
A repository of some of my Windows 10 Device Guard Bypasses
azure-function-proxy-ng
Azure Function as a Reverse Proxy (e.g. for C2 ;) )
SharpSecDump
.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
BloodHound
Six Degrees of Domain Admin
CrackMapExec
A swiss army knife for pentesting networks
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
homeassistant-core
:house_with_garden: Open source home automation that puts local control and privacy first.
ical2csv
A Python script that reads ics files and outputs their data into a csv file.
physmem2profit
Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
thc-hydra
hydra