kaonashi-passwords / KaonashiView external linksLinks
Wordlist, rules and masks from Kaonashi project (RootedCON 2019)
☆1,078Apr 22, 2022Updated 3 years ago
Alternatives and similar repositories for Kaonashi
Users that are interested in Kaonashi are comparing it to the libraries listed below
Sorting:
- large hashcat rulesets generated from real-world compromised passwords☆399Nov 26, 2020Updated 5 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,368Oct 22, 2025Updated 3 months ago
- NTLMv1 Multitool☆662Nov 30, 2025Updated 2 months ago
- Rule for hashcat or john. Aiming to crack how people generate their password☆459Sep 2, 2024Updated last year
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )☆2,722Feb 2, 2026Updated 2 weeks ago
- ☆360Apr 24, 2021Updated 4 years ago
- One rule to crack all passwords. or atleast we hope so.☆1,598Dec 9, 2021Updated 4 years ago
- Extract credentials from lsass remotely☆2,178Dec 24, 2025Updated last month
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,206Aug 7, 2025Updated 6 months ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,629Aug 6, 2022Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,594Jul 10, 2023Updated 2 years ago
- Privilege Escalation Enumeration Script for Windows☆3,697Jan 30, 2026Updated 2 weeks ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆930Nov 11, 2024Updated last year
- ☆1,667Apr 14, 2025Updated 10 months ago
- Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient☆1,551Oct 17, 2022Updated 3 years ago
- Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)☆966Nov 4, 2025Updated 3 months ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- Identifies the bytes that Microsoft Defender flags on.☆2,578Dec 31, 2025Updated last month
- Automation for internal Windows Penetrationtest / AD-Security☆3,641Aug 28, 2025Updated 5 months ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆504Sep 23, 2025Updated 4 months ago
- Wiki to collect Red Team infrastructure hardening resources☆4,442Oct 1, 2025Updated 4 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,867Aug 18, 2023Updated 2 years ago
- Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure …☆2,765Nov 15, 2025Updated 3 months ago
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆2,175Aug 15, 2024Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆863Mar 20, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆778Oct 16, 2025Updated 4 months ago
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- onedrive user enumeration - pentest tool to enumerate valid o365 users☆741Jul 29, 2025Updated 6 months ago
- A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule☆590Oct 16, 2024Updated last year
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,083Jun 10, 2024Updated last year
- This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, …☆2,416Jan 13, 2026Updated last month
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,254Mar 19, 2025Updated 10 months ago
- Custom Query list for the Bloodhound GUI based off my cheatsheet☆836Oct 29, 2025Updated 3 months ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆610Aug 15, 2025Updated 6 months ago
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,049Nov 9, 2024Updated last year
- A swiss army knife for pentesting networks☆9,056Dec 6, 2023Updated 2 years ago
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,258Dec 9, 2025Updated 2 months ago
- Trying to tame the three-headed dog.☆4,883Nov 14, 2025Updated 3 months ago
- A tool to perform Kerberos pre-auth bruteforcing☆3,246Aug 20, 2024Updated last year