GossiTheDog / zeroday
☆72Updated this week
Related projects: ⓘ
- ☆59Updated 5 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆104Updated 6 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆102Updated 7 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆136Updated 6 years ago
- A bunch of useful SSH tools for powershell☆118Updated 5 years ago
- Slides from various talks that I've given over the years☆117Updated last year
- Active Directory enumeration from non-domain system.☆116Updated 7 years ago
- PowerShell oneliner to retrieve wdigest passwords from the memory☆218Updated 6 years ago
- Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard☆104Updated 5 years ago
- ☆84Updated this week
- ☆97Updated 8 years ago
- This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.…☆70Updated 7 years ago
- DNSDelivery provides delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.☆146Updated 4 years ago
- The Outlook HTML Leak Test Project☆132Updated 6 years ago
- Powershell Empire Persistence finder☆116Updated 7 years ago
- Collection of scripts for interacting with AD Kerberos from Linux☆71Updated 6 years ago
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- ☆111Updated 7 years ago
- Liniaal - A communication extension to Ruler☆96Updated 6 years ago
- A powershell script for creating a Windows honeyport.☆87Updated 8 years ago
- DefCon24☆119Updated 8 years ago
- DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.☆145Updated 5 years ago
- ☆108Updated 7 years ago
- Pypykatz server☆124Updated 5 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)☆102Updated 3 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.☆168Updated last year
- Materials of Workshop presented at DEFCON 25☆107Updated 7 years ago
- ☆132Updated this week
- Pypykatz agent implemented in .NET☆85Updated 5 years ago