Octoberfest7 / OSEP-Tools
β234Updated 2 years ago
Alternatives and similar repositories for OSEP-Tools:
Users that are interested in OSEP-Tools are comparing it to the libraries listed below
- A collection of code snippets built to assist with breaking chains.β116Updated 9 months ago
- PowerShell Constrained Language Mode Bypassβ247Updated 4 years ago
- π Orange Tsai EventViewer RCEβ181Updated 2 years ago
- Lists who can read any gMSA password blobs and parses them if the current user has access.β259Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101"β365Updated 4 months ago
- Kerberoast with ACL abuse capabilitiesβ403Updated 2 months ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controllerβ412Updated last month
- Collection of some of my own tools with other great open source tools out there packaged into a powershell moduleβ143Updated 2 years ago
- AD ACL abuseβ275Updated this week
- Local privilege escalation from SeImpersonatePrivilege using EfsRpc.β309Updated 2 years ago
- Custom Queries - Brought Up to BH4.1 syntaxβ241Updated 3 months ago
- PEN-300 collection to help you on your exam.β367Updated 11 months ago
- Partial python implementation of SharpGPOAbuseβ388Updated 11 months ago
- A marriage between Octoberfest7/OSEP-Tools and chvancooten/OSEP-Code-Snippets with some improvements/additionsβ49Updated last month
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannelβ595Updated 7 months ago
- Creating a repository with all public Beacon Object Files (BoFs)β457Updated last year
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memoryβ383Updated 10 months ago
- Collection of remote authentication triggers in C#β473Updated 9 months ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Typesβ377Updated last year
- Attempt at Obfuscated version of SharpCollectionβ203Updated this week
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinelβ319Updated 11 months ago
- A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) witβ¦β511Updated 2 weeks ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR β¦β257Updated 2 years ago
- generate payloads that force authentication against an attacker machineβ100Updated 2 years ago
- BadAssMacros - C# based automated Malicous Macro Generator.β405Updated 3 years ago
- β309Updated 3 months ago
- Fork of BloodHound with PKI nodes and edges for Certipy along with some minor personal improvementsβ145Updated 2 years ago
- Useful C2 techniques and cheatsheets learned from engagementsβ461Updated 4 months ago
- Ad hoc collection of Red Teaming & Active Directory tooling.β180Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.β388Updated last month