NetSPI / ruler

Related projects: ⓘ

• bodik / awesome-potatoes
  Study notes on Windows NTLM Reflection and token stealing based EOPs.
  ☆18Updated 3 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆51Updated 2 years ago
• felmoltor / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆29Updated 3 months ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆58Updated 2 years ago
• b1naryxx / AzureAD-Autologon-Password-Sprayer
  Multi-thread AzureAD Autologon SSO Password Sprayer.
  ☆38Updated 2 years ago
• bugch3ck / SharpLdapWhoami
  WhoAmI by asking the LDAP service on a domain controller.
  ☆58Updated 2 years ago
• djhohnstein / TSMSISrv_poc
  C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll
  ☆58Updated 5 years ago
• magisterquis / shelloverreversessh
  A little implant which SSH's back with a shell
  ☆36Updated 2 years ago
• synacktiv / CacheData_decrypt
  A simple Toolkit to BF and decrypt Windows EntraId CacheData
  ☆12Updated 3 months ago
• snovvcrash / RemoteRegSave
  A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
  ☆37Updated 9 months ago
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆24Updated 3 years ago
• nettitude / SyscallsExtractor
  ☆23Updated 2 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆30Updated 6 months ago
• hyp3rlinx / NtFileSins
  Windows File Enumeration Intel Gathering Tool.
  ☆17Updated last year
• mobdk / WinBoost
  Execute Mimikatz with different technique
  ☆50Updated 2 years ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 2 years ago
• D1rkMtr / ADSrunner
  ☆22Updated this week
• NorthwaveSecurity / kernel-mii
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆30Updated last year
• sneakid / DC30-PhineasTalk
  Slides for the talk we presented as UniPi at DefCon's Red Team Village
  ☆23Updated 2 years ago
• ropbear / CLMBypass
  Bypass Constrained Language Mode in PowerShell
  ☆26Updated 5 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆30Updated 4 years ago
• R-Secure / AMSI-Bypasses
  This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
  ☆23Updated 2 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆43Updated 2 years ago
• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆38Updated last year
• 0xvm / csharp_reverse_shell
  c# reverse shell poc
  ☆27Updated 5 years ago
• Allevon412 / PPL_Sandboxer
  ☆79Updated 2 years ago
• cedowens / Mod_Rewrite_Automation
  Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
  ☆46Updated 3 years ago
• Syslifters / split-bloodhound
  ☆17Updated last year
• aaaddress1 / xlsKami
  Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets
  ☆47Updated 3 years ago
• RiccardoAncarani / talks
  ☆41Updated 2 years ago
• goichot / CVE-2020-3433
  PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-343…
  ☆42Updated 3 years ago