SpiderLabs / Firework
Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.
☆45Updated 4 years ago
Alternatives and similar repositories for Firework:
Users that are interested in Firework are comparing it to the libraries listed below
- Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting☆41Updated 6 years ago
- WhiteBox CMS analysis☆69Updated last year
- Quick and dirty System (Power)Shell using NamedPipe impersonation.☆43Updated 8 years ago
- Disrupt WAF by abusing SSL/TLS Ciphers☆48Updated 6 years ago
- AWS S3 Bucket/Object Finder☆25Updated 7 years ago
- Web Filter External Enumeration Tool (WebFEET)☆76Updated 10 years ago
- C2Shell is a shell script designed for a fast deploy of C&C servers for Red Team Operations.☆2Updated 4 years ago
- Mimikatz HashClash☆12Updated 9 years ago
- ☆19Updated 7 years ago
- When CactusTorch meets WebDavDelivery and obfuscation☆63Updated 7 years ago
- Powershell Persistence Locator☆66Updated 8 years ago
- Generate pentest reports based on github issues.☆17Updated 2 years ago
- Windows LNK/URL shortcut auto-binding hotkey (not a bug, feature)☆30Updated 7 years ago
- CVE-2017-8570 Exploit☆21Updated 7 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- BlackHat Europe 2017 Slides☆26Updated 7 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- C&C to deliver files and shuttle command execution instructions between an external actor and an internal agent with the help of Firefox …☆38Updated 2 years ago
- Empire HTTP(S) C2 redirector setup script☆47Updated 6 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆53Updated last year
- PHDAYS |||☆17Updated 11 years ago
- A tool to help you manage your leaks☆34Updated 7 years ago
- Password spraying script and helper for creating password lists☆34Updated 4 years ago
- Scan for OSGi Consoles☆21Updated last year
- AMSI bypass stager generator☆29Updated 6 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Updated 7 years ago
- Issues to consider when planning a red team exercise.☆15Updated 7 years ago
- Spray SMB with hashes, Then psexec☆32Updated 5 years ago
- Environmental (and http) keying for scripting languages☆39Updated 6 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago