trustedsec / specula
☆171Updated last month
Related projects: ⓘ
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆169Updated 5 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆259Updated 11 months ago
- Malware As A Service☆117Updated 6 months ago
- ☆290Updated last year
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆167Updated last month
- ☆114Updated 2 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 3 months ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)☆150Updated last month
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆233Updated 4 months ago
- Retired TrustedSec Capabilities☆218Updated last week
- C2 Infrastructure Automation☆82Updated last month
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆155Updated 3 months ago
- ☆174Updated 5 months ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆119Updated last month
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆245Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆87Updated last year
- ☆262Updated this week
- Extracting NetNTLM without touching lsass.exe☆223Updated 9 months ago
- Make everyone in your VLAN ASRep roastable☆114Updated 3 months ago
- linikatz is a tool to attack AD on UNIX☆134Updated 11 months ago
- Kill AV/EDR leveraging BYOVD attack☆301Updated last year
- Timeroasting scripts by Tom Tervoort☆176Updated last year
- Python utility that generates "imageless" QR codes in various formats☆88Updated last month
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆171Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆239Updated last year
- Custom Queries - Brought Up to BH4.1 syntax☆217Updated last year
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆126Updated last month
- Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!☆277Updated this week
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆156Updated 11 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel