4ndr34z / ntlmthief
☆50Updated 7 months ago
Related projects: ⓘ
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆53Updated 9 months ago
- PowerShell Reverse Shell☆60Updated last year
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆47Updated 3 weeks ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆38Updated 3 months ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆27Updated 3 months ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆80Updated last year
- Most Responder's configuration power in your hand.☆36Updated 6 months ago
- Fully automated windows credentials dumper, from SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine wit…☆66Updated 3 months ago
- ☆42Updated 2 months ago
- ☆46Updated 2 years ago
- BloodHound PowerShell client☆43Updated this week
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆89Updated 3 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆77Updated 8 months ago
- Encodes a payload within a generated mock-CSS file☆55Updated last year
- Parses Snaffler output file and generate beautified outputs.☆29Updated 3 weeks ago
- Source code and examples for PassiveAggression☆54Updated 3 months ago
- 🌩️ Collection of BloodHound queries for Azure☆40Updated last month
- Automated exploitation of MSSQL servers at scale☆79Updated this week
- Two in one, patch lifetime powershell console, no more etw and amsi!☆79Updated 2 months ago
- A C2 framework built for my bachelors thesis☆51Updated 2 months ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆75Updated this week
- vulnlab.com reaper writeup☆25Updated last year
- Repository with quick triggers to help during Pentest in an Active Directory environment.☆35Updated last month
- RDE1 (Rusty Data Exfiltrator) is client and server tool allowing auditor to extract files from DNS and HTTPS protocols written in Rust. �…☆38Updated 11 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- ☆23Updated last year
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 9 months ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆34Updated 6 months ago
- Brief writeup of post exploitation methodologies.☆17Updated 11 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year