Stars
rdp2tcp: open tcp tunnel through remote desktop connection.
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…
Collection of scripts to retrieve stored passwords from Veeam Backup
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.
Collection of remote authentication triggers in C#
Privilege Escalation Enumeration Script for Windows
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
This repository contains a list of one-liners with descriptions and installation requirements
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
Self-deployable file hosting service for red teamers, allowing payloads to be easily uploaded and shared over HTTP and WebDAV.
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
The repository contains a list of questions on offensive security.
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
Lateral movement techniques that can be used during red team exercises
PingCastle - Get Active Directory Security at 80% in 20% of the time
rxwx / impacket
Forked from fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
Python3 HTTP Server with upload functionality
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Data exfiltration over DNS request covert channel