Pinned Repositories
0day-mikrotik
0day-Xploit
Fox Rsf v1
2022-LPE-UAF
PoC of various bugs in the Linux kernel
ActiveDirectoryAttackTool
ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
ActiveDirectoryHackingLabSetup
Setup a Active Directory lab to prepare for the OSCP
ActiveDirectoryPenTest
Different Attacks on an Active Directory environment
ADHuntTool
official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
Adrena
Software Protector
ADReplStatus
AD Replication Status Tool
Slides
Misc Threat Hunting Resources
CPT-Jack-A-Castle's Repositories
CPT-Jack-A-Castle/0dayex-checker
Zeroday Microsoft Exchange Server checker (Virtual Patching checker)
CPT-Jack-A-Castle/ATP-PowerShell-Scripts
Microsoft Signed PowerShell scripts
CPT-Jack-A-Castle/CVE-2022-21661
The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661)
CPT-Jack-A-Castle/CVE-2022-2992
Authenticated Remote Command Execution in Gitlab via GitHub import
CPT-Jack-A-Castle/CVE-2022-30206
Exploit for CVE-2022-30206
CPT-Jack-A-Castle/CVE-2022-33679
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
CPT-Jack-A-Castle/CVE-2022-3368
CPT-Jack-A-Castle/CVE-2022-3602
CPT-Jack-A-Castle/cve-2022-3602-and-cve-2022-3786-openssl-poc
CPT-Jack-A-Castle/CVE-2022-3699
Lenovo Diagnostics Driver EoP - Arbitrary R/W
CPT-Jack-A-Castle/CVE-2022-40684
PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
CPT-Jack-A-Castle/CVE-2022-41852
CVE-2022-41852 Proof of Concept (unofficial)
CPT-Jack-A-Castle/CVE-2022-42045
CPT-Jack-A-Castle/cve-2022-42889
cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text version 1.10.
CPT-Jack-A-Castle/CVE-2022-42889-PoC
Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889.
CPT-Jack-A-Castle/DCOMPotato
Some Service DCOM Object and SeImpersonatePrivilege abuse.
CPT-Jack-A-Castle/DragonCastle
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
CPT-Jack-A-Castle/DropBox-XPC-Exploit
A Template to Exploit PID Reuse Vulnerability in XPC service
CPT-Jack-A-Castle/hikvision
Hikvision log4j PoC
CPT-Jack-A-Castle/KasperskyHook
Hook system calls on Windows by using Kaspersky's hypervisor
CPT-Jack-A-Castle/Kernelhub
:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
CPT-Jack-A-Castle/OpenSSL-2022
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3
CPT-Jack-A-Castle/PoC_CVEs
PoC_CVEs
CPT-Jack-A-Castle/PrintNotifyPotato
PrintNotifyPotato
CPT-Jack-A-Castle/ProxyNotShell-PoC
CPT-Jack-A-Castle/PS5-IPV6-Kernel-Exploit
An experimental webkit-based kernel exploit (Arb. R/W) for the PS5 on <= 4.51FW
CPT-Jack-A-Castle/redshift-jdbc-RCE
redshift-jdbc-RCE proof
CPT-Jack-A-Castle/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
CPT-Jack-A-Castle/SysmonEoP
CPT-Jack-A-Castle/Win7Blue
Scan/Exploit - EternalBlue MS17-010 - Windows 7 32/64 Bits