Static-Flow / CloudCopy
This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.
☆115Updated 4 years ago
Related projects: ⓘ
- Parse NTLM challenge messages over HTTP and SMB☆140Updated last year
- Example Vulnerable .NET HTTP Remoting☆73Updated 5 years ago
- ☆189Updated 4 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆92Updated 2 years ago
- This Repository contains the stuff related to windows Active directory environment exploitation☆145Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically g…☆98Updated last year
- Aggressor Scripts for Cobalt Strike☆77Updated 6 months ago
- ☆128Updated last year
- Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal☆104Updated 4 years ago
- A tool to password spray Jenkins instances☆51Updated 5 years ago
- CVE-2018-9276 PRTG < 18.2.39 Authenticated Command Injection (Reverse Shell)☆36Updated 3 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆93Updated 5 years ago
- Aggressor scripts for phases of a pen test or red team assessment☆171Updated last month
- "Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' l…☆79Updated 3 years ago
- An Insider Threat Toolkit☆149Updated 5 years ago
- Malleable C2 profiles for Cobalt Strike☆67Updated 2 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆41Updated 4 years ago
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆59Updated 5 years ago
- checkO365 is a tool to check if a target domain is using O365☆84Updated 6 years ago
- ☆97Updated 3 weeks ago
- Spray a hash via smb to check for local administrator access☆140Updated 3 years ago
- ☆22Updated 6 years ago
- DupeKeyInjector☆134Updated 2 years ago
- cloud-proxy creates multiple DO droplets and then starts local socks proxies using SSH☆62Updated 2 years ago
- An Ansible role for installing Cobalt Strike.☆73Updated last month
- Basic password spraying tool for internal tests and red teaming☆89Updated 4 years ago
- Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments☆116Updated 3 years ago
- Cobalt Strike Aggressor script menu for Powerview/SharpView☆126Updated 6 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆105Updated 4 years ago
- ☆80Updated 2 years ago