Wordlist, rules and masks from Kaonashi project (RootedCON 2019)
☆1,081Apr 22, 2022Updated 3 years ago
Alternatives and similar repositories for Kaonashi
Users that are interested in Kaonashi are comparing it to the libraries listed below
Sorting:
- large hashcat rulesets generated from real-world compromised passwords☆400Nov 26, 2020Updated 5 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,371Oct 22, 2025Updated 4 months ago
- NTLMv1 Multitool☆659Feb 26, 2026Updated last week
- Rule for hashcat or john. Aiming to crack how people generate their password☆459Sep 2, 2024Updated last year
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )☆2,745Feb 27, 2026Updated last week
- ☆360Apr 24, 2021Updated 4 years ago
- Extract credentials from lsass remotely☆2,178Dec 24, 2025Updated 2 months ago
- One rule to crack all passwords. or atleast we hope so.☆1,608Dec 9, 2021Updated 4 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,213Aug 7, 2025Updated 7 months ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,633Aug 6, 2022Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,607Jul 10, 2023Updated 2 years ago
- Privilege Escalation Enumeration Script for Windows☆3,714Jan 30, 2026Updated last month
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆932Nov 11, 2024Updated last year
- ☆1,674Apr 14, 2025Updated 10 months ago
- Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient☆1,556Oct 17, 2022Updated 3 years ago
- Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)☆965Nov 4, 2025Updated 4 months ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- Identifies the bytes that Microsoft Defender flags on.☆2,585Dec 31, 2025Updated 2 months ago
- Automation for internal Windows Penetrationtest / AD-Security☆3,645Aug 28, 2025Updated 6 months ago
- Wiki to collect Red Team infrastructure hardening resources☆4,454Oct 1, 2025Updated 5 months ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆504Sep 23, 2025Updated 5 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,876Aug 18, 2023Updated 2 years ago
- Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure …☆2,796Feb 18, 2026Updated 2 weeks ago
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆2,189Aug 15, 2024Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆866Mar 20, 2023Updated 2 years ago
- A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule☆617Oct 16, 2024Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆783Oct 16, 2025Updated 4 months ago
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- onedrive user enumeration - pentest tool to enumerate valid o365 users☆745Jul 29, 2025Updated 7 months ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,100Jun 10, 2024Updated last year
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,259Mar 19, 2025Updated 11 months ago
- This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, …☆2,437Mar 2, 2026Updated last week
- Custom Query list for the Bloodhound GUI based off my cheatsheet☆837Oct 29, 2025Updated 4 months ago
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,052Nov 9, 2024Updated last year
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆614Aug 15, 2025Updated 6 months ago
- A swiss army knife for pentesting networks☆9,086Dec 6, 2023Updated 2 years ago
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,266Dec 9, 2025Updated 3 months ago
- Trying to tame the three-headed dog.☆4,913Nov 14, 2025Updated 3 months ago
- A tool to perform Kerberos pre-auth bruteforcing☆3,258Aug 20, 2024Updated last year