n00py / NorkNork
Powershell Empire Persistence finder
☆116Updated 7 years ago
Related projects: ⓘ
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆47Updated 6 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆102Updated 7 years ago
- ☆35Updated this week
- 504 VSAgent☆22Updated 6 years ago
- This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.…☆70Updated 7 years ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆69Updated 6 years ago
- ☆76Updated 6 years ago
- ☆85Updated this week
- A collection of scripts I've written to help red and blue teams with malware persistence techniques.☆124Updated 6 years ago
- ☆59Updated 5 years ago
- Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool☆91Updated 8 years ago
- An offensive Powershell console☆30Updated 8 years ago
- A powershell script for creating a Windows honeyport.☆87Updated 8 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 6 years ago
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.☆116Updated 4 years ago
- 3 tools that work together to simplify reconaissance of Windows File Shares☆161Updated 6 years ago
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script☆27Updated 7 months ago
- ☆111Updated 7 years ago
- Reconnaissance tool for Microsoft Office 365☆66Updated 5 years ago
- lterm is a small script built to install a bash hook for full terminal logging.☆53Updated 7 years ago
- PowerShell No Agent Hunting☆107Updated 6 years ago
- The AwesomerShell Code Sample☆49Updated 8 years ago
- CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.☆36Updated 6 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆181Updated 4 years ago
- Useful Threat Hunting Stuff☆31Updated 4 years ago
- ☆97Updated 8 years ago
- A ton of helpful tools☆39Updated 2 years ago
- Obfuscated Penetration Testing PowerShell scripts☆131Updated 8 years ago