Assortment of scripts and tools for our Blackhat EU 2024 talk
☆105Feb 6, 2025Updated last year
Alternatives and similar repositories for defending-off-the-land
Users that are interested in defending-off-the-land are comparing it to the libraries listed below
Sorting:
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆121Sep 2, 2025Updated 6 months ago
- Addon for BHCE☆58Apr 1, 2025Updated 11 months ago
- Fast and easy to use CLI-based file encryption program 📦☆13Oct 12, 2025Updated 4 months ago
- ☆23Mar 4, 2025Updated last year
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆40May 7, 2023Updated 2 years ago
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- Framework for Monitoring File Ingestion Source for Yara Matches☆50Mar 10, 2025Updated 11 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Validates priv escalation of AD trusts☆47Apr 1, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- ☆17Jan 9, 2025Updated last year
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 7 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …☆110Jul 21, 2025Updated 7 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆168Dec 7, 2025Updated 3 months ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆60Jul 13, 2025Updated 7 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- A tool to remotely detect unusual sessions opened on windows machines using RPC☆119Jun 10, 2025Updated 8 months ago
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆118Aug 9, 2024Updated last year
- 🖥️ Windows 🚀 A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during …☆54Jan 26, 2026Updated last month
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- ☆53Feb 4, 2025Updated last year
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files☆96Apr 2, 2025Updated 11 months ago
- 🌑 EclipseRecon is a personal project developed during my cybersecurity learning journey 🛡️. It helps practice web reconnaissance 🌐 by …☆29Nov 26, 2025Updated 3 months ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrency☆15Nov 13, 2025Updated 3 months ago
- ☆42Dec 24, 2025Updated 2 months ago
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆173Jan 9, 2026Updated 2 months ago
- A python library to create BloodHound OpenGraphs☆54Feb 4, 2026Updated last month
- Logging tool intended for red team usage☆35Dec 5, 2025Updated 3 months ago
- ☆163Nov 19, 2025Updated 3 months ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆399Jul 23, 2025Updated 7 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆382Jan 23, 2025Updated last year
- Enumerate domain machine accounts and perform pre2k password spraying.☆69Jul 14, 2023Updated 2 years ago
- Persist like a Dodder☆68May 19, 2025Updated 9 months ago
- Async Python library to parse local and remote disk images.☆82Jul 11, 2025Updated 7 months ago