outflanknl / RedELK-workshop
Items related to the RedELK workshop given at security conferences
☆28Updated last year
Alternatives and similar repositories for RedELK-workshop:
Users that are interested in RedELK-workshop are comparing it to the libraries listed below
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 9 months ago
- ☆47Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- in-process powershell runner for BRC4☆44Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- ☆16Updated 5 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆11Updated last week
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated last year
- Scripts to interact with Microsoft Graph APIs☆36Updated 4 months ago
- ☆15Updated last year
- ☆17Updated 3 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 10 months ago
- A simple rpc2socks alternative in pure Go.☆28Updated 8 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆19Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- ☆16Updated last year
- DFSCoerce exe revisited version with custom authentication☆38Updated last year
- Bunch of BOF files☆30Updated 3 months ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆37Updated last year
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response☆19Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- ☆48Updated last year
- ☆15Updated last year
- Extract registry and NTDS secrets from local or remote disk images☆37Updated this week
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆13Updated 2 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago