axylisdead / TenantHunterView external linksLinks
A small script to resolve domains to Azure AD tenants (and OAuth login portals)
☆29Jun 26, 2023Updated 2 years ago
Alternatives and similar repositories for TenantHunter
Users that are interested in TenantHunter are comparing it to the libraries listed below
Sorting:
- This repository is to provide a write-up and PoC for CVE-2023-41717.☆12Aug 31, 2023Updated 2 years ago
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- offensive security scripts and documentation☆30Dec 9, 2025Updated 2 months ago
- Tool for enumerating Active Directory environments☆48Aug 10, 2023Updated 2 years ago
- This project explores secure remote access using Metasploit's reverse TCP payloads. Ethically and responsibly, we showcase potential risk…☆29Aug 13, 2023Updated 2 years ago
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"☆14Dec 8, 2023Updated 2 years ago
- Reverse backdoor written in PowerShell and obfuscated with Python. It generates payloads for popular hacking devices like Flipper Zero an…☆31Jun 19, 2023Updated 2 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated 3 weeks ago
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆117Jul 18, 2023Updated 2 years ago
- Duplicate not owned Token from Running Process☆74Jul 21, 2023Updated 2 years ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆24Jul 14, 2024Updated last year
- Enumerate domain machine accounts and perform pre2k password spraying.☆69Jul 14, 2023Updated 2 years ago
- Only for educational purposes☆12Jun 17, 2023Updated 2 years ago
- Distributed phishing framework designed to streamline offensive security phishing☆41Feb 16, 2023Updated 2 years ago
- Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)☆15Nov 24, 2023Updated 2 years ago
- ☆11Aug 31, 2023Updated 2 years ago
- It is a tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. The exploit was programme…☆67Jul 1, 2024Updated last year
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆45Mar 8, 2024Updated last year
- The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The…☆27Jul 21, 2023Updated 2 years ago
- ☆25Jan 11, 2023Updated 3 years ago
- Google Calendar RAT is a PoC of Command&Control over Google Calendar Events☆261Aug 19, 2025Updated 5 months ago
- TL;DR: Mutate a binary to identify potential exploit candidates☆11Jan 12, 2026Updated last month
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- ScanExp automates the scanning of any machine's open ports via the ip address and performs a brute force attack on ports 20, 21 for the F…☆26Oct 14, 2023Updated 2 years ago
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.☆28Nov 12, 2023Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- ☆29May 16, 2023Updated 2 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆127Dec 23, 2025Updated last month
- ☆16Oct 18, 2024Updated last year
- A web service to clean documents from potentially privacy-invasive metadata☆49Apr 29, 2025Updated 9 months ago
- A utility to fetch and display dns names from the SSL/TLS cert data☆16Aug 11, 2023Updated 2 years ago
- There were no proper POCs for CVE-2023-30533 so I made one. (Reported by Vsevolod Kokorin)☆12Aug 9, 2023Updated 2 years ago
- badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles☆54Nov 21, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 2 years ago
- Encodes a payload within a generated mock-CSS file☆59Sep 18, 2023Updated 2 years ago
- A demo exploit for CVE-2021-44026, a SQL injection in Roundcube☆13Dec 22, 2023Updated 2 years ago