blackhillsinfosec / skyhook
A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.
☆249Updated 4 months ago
Related projects: ⓘ
- Utility to craft HTML or SVG smuggled files for Red Team engagements☆226Updated 6 months ago
- User Enumeration of Microsoft Teams users via API☆109Updated 5 months ago
- ☆171Updated last month
- Ping-based Information Lookup and Outbound Transfer☆70Updated 5 months ago
- Easy red team phishing with Puppeteer☆127Updated last year
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆119Updated last month
- ☆282Updated 9 months ago
- Everything and anything related to password spraying☆122Updated 4 months ago
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆169Updated 5 months ago
- ☆262Updated last week
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆125Updated 8 months ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆186Updated 2 months ago
- Finding all things on-prem Microsoft for password spraying and enumeration.☆251Updated 2 years ago
- ☆96Updated 10 months ago
- Impacket is a collection of Python classes for working with network protocols.☆267Updated this week
- C2 Automation using Linode☆78Updated last year
- linikatz is a tool to attack AD on UNIX☆134Updated 11 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆259Updated 11 months ago
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆155Updated 3 months ago
- Generate graphs and charts based on password cracking result☆152Updated last year
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆327Updated 6 months ago
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…☆97Updated last year
- Azure DevOps Services Attack Toolkit☆252Updated last month
- Azure mindmap for penetration tests☆157Updated 10 months ago
- ☆72Updated 6 months ago
- ☆195Updated last year
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆289Updated 3 months ago
- ☆260Updated last year
- ☆290Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆121Updated 3 months ago