John Carroll 's repositories
AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
Asgar
A two-column, clean and minimalist theme for @TryGhost
awesome-electronjs-hacking
A curated list of awesome resources about Electron.js (in)security
awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
dark-knowledge
😈📚 A curated library of research papers and presentations for counter-detection and web privacy enthusiasts.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
ditty
Fake NTDS.dit dump generator for playing along to blogpost
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
dsdump
An improved nm + Objective-C & Swift class-dump
edgedressing
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.
gixy
Nginx configuration static analyzer
GoodHound
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
iptoasn-webservice
Web service to map IP addresses to AS information, using iptoasn.com
just3words
A Dictionary generated with awful python to put as many 3 words in as many combinations as possible, for hashcat, best piping the .gz
krakensdr_pr
Passive Radar Code for the KrakenSDR
mass-sslscan
Run SSLScan against a large number of targets, saving the data into a reportable format.
nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
PlumHound
Bloodhound for Blue and Purple Teams
PrivKit
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
ruipasn
Russia-onlines
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
semgrep-rules
Semgrep rules registry
sliver
Adversary Emulation Framework
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
terry-the-terraformer
A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
web-check
🌐 All-in-one website OSINT tool for analysing any website
xray
XRay is a tool for recon, mapping and OSINT gathering from public networks.