John Carroll 's repositories
AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
awesome-electronjs-hacking
A curated list of awesome resources about Electron.js (in)security
awesome-flipperzero
π¬ A collection of awesome resources for the Flipper Zero device.
dark-knowledge
ππ A curated library of research papers and presentations for counter-detection and web privacy enthusiasts.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password π‘οΈ
ditty
Fake NTDS.dit dump generator for playing along to blogpost
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
dsdump
An improved nm + Objective-C & Swift class-dump
edgedressing
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.
gixy
Nginx configuration static analyzer
iptoasn-webservice
Web service to map IP addresses to AS information, using iptoasn.com
just3words
A Dictionary generated with awful python to put as many 3 words in as many combinations as possible, for hashcat, best piping the .gz
krakensdr_pr
Passive Radar Code for the KrakenSDR
nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
PlumHound
Bloodhound for Blue and Purple Teams
PrivKit
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
ruipasn
Russia-onlines
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
semgrep-rules
Semgrep rules registry
SigSentry
Advanced Wi-Fi and Bluetooth Signal Monitoring Tool
sliver
Adversary Emulation Framework
SpoofDPI
A simple and fast anti-censorship tool written in Go
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
terry-the-terraformer
A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
threat-composer
A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
web-check
π All-in-one website OSINT tool for analysing any website
xray
XRay is a tool for recon, mapping and OSINT gathering from public networks.