A collection of tools that I use in CTF's or for assessments
☆108Feb 2, 2025Updated last year
Alternatives and similar repositories for pentest-arsenal
Users that are interested in pentest-arsenal are comparing it to the libraries listed below
Sorting:
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆80Nov 18, 2024Updated last year
- This OSINT Notebook provides an overview of the tools, techniques, and resources that I use for a variety of situations when it comes to …☆365Aug 14, 2024Updated last year
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated last year
- Execute commands in other Sessions☆91Jul 29, 2024Updated last year
- LDAP enumeration tool implemented in Python3☆224May 20, 2025Updated 9 months ago
- A simple website to act as a store for havoc modules and extensions☆28Jan 20, 2025Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated last year
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits☆24Oct 20, 2025Updated 4 months ago
- This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…☆244Dec 6, 2024Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- ☆119Jan 30, 2024Updated 2 years ago
- ☆92May 15, 2024Updated last year
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- ☆18Jun 25, 2024Updated last year
- x86_64 LKM linux rootkit☆16Jul 1, 2023Updated 2 years ago
- XOR-based shellcode encoder☆30Apr 20, 2023Updated 2 years ago
- List of Stuff I did to get through the OSCP :D☆329Dec 18, 2025Updated 2 months ago
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆314Feb 16, 2026Updated 3 weeks ago
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy…☆17Dec 25, 2024Updated last year
- King of Bug Bounty Tips Simple Tool☆13Oct 2, 2021Updated 4 years ago
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 11 months ago
- Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04☆116Jun 12, 2024Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆95Jun 18, 2024Updated last year
- ☆224Oct 22, 2023Updated 2 years ago
- ☆19Sep 1, 2025Updated 6 months ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- ☆29May 16, 2023Updated 2 years ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆282Oct 8, 2025Updated 5 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Updated this week
- Decrypt GlobalProtect configuration and cookie files.☆157Sep 10, 2024Updated last year
- Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)☆63Feb 29, 2024Updated 2 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33May 30, 2024Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆638May 8, 2025Updated 10 months ago
- ☆137Feb 11, 2025Updated last year
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆68Mar 17, 2025Updated 11 months ago