WhiteOakSecurity / GoAWSConsoleSpray
Tool to spray AWS Console IAM Logins
☆28Updated 2 years ago
Alternatives and similar repositories for GoAWSConsoleSpray:
Users that are interested in GoAWSConsoleSpray are comparing it to the libraries listed below
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆20Updated 2 years ago
- Simple C2 using GitHub repository as comms channel.☆31Updated 4 months ago
- ☆30Updated 2 years ago
- ☆16Updated 2 years ago
- ☆52Updated last year
- ☆22Updated 3 years ago
- Azure pentesting reference for Altered Security Lab☆24Updated 3 years ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆30Updated last week
- Convert ldapdomaindump to Bloodhound☆78Updated last year
- Extract registry and NTDS secrets from local or remote disk images☆37Updated 6 months ago
- Office 365 and Exchange Enumeration Version 2☆18Updated last year
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆67Updated 6 months ago
- Automation of Active Directory penetration testing tasks on top of BloodHound CE☆34Updated last year
- Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.☆20Updated 3 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆31Updated 2 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- Abuse Azure API permissions for red teaming☆61Updated 2 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆47Updated 3 years ago
- Parses Cobalt Strike malleable C2 profiles.☆51Updated this week
- My personal collection of webshells for educational purposes. Most are custom implementations/adaptations of stuff I found on the interne…☆19Updated 9 months ago
- ☆16Updated 11 months ago
- Secretsdump C# version only supporting local (live) operation☆49Updated last year
- Validates priv escalation of AD trusts☆35Updated 2 months ago
- Dump Kerberos tickets from the KCM database of SSSD☆49Updated 6 months ago