Pinned Repositories
AdsiPS
PowerShell module to interact with Active Directory using ADSI and the System.DirectoryServices namespace (.NET Framework)
azrecon
Az Enum & Recon Cheat Sheet
azure-docs
Open source documentation of Microsoft Azure
CallDismLib
An example project calling the Windows Deployment Imaging Service Management (DISM) COM API.
COFFLoader2
Load and execute COFF files and Cobalt Strike BOFs in-memory
crestronEDK-scripts
PowerShell scripts for configuring Crestron devices
Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, and to protect and elevate them with token manipulation.
CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit
DllIconHandler
Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install
PSReddit
A PowerShell module for working with Reddit via its REST API
Jeff-Jerousek's Repositories
Jeff-Jerousek/COFFLoader2
Load and execute COFF files and Cobalt Strike BOFs in-memory
Jeff-Jerousek/DllIconHandler
Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install
Jeff-Jerousek/ADSecurity
Place where I'm putting all the scripts and config files regarding Active Directory Security.
Jeff-Jerousek/azure-mask
A browser extension (Chrome, Firefox) that toggles concealment of sensitive information found in the Azure Portal web page, such as Subscription IDs
Jeff-Jerousek/CallCbsCore
A practice project for calling the undocumented CBS API.
Jeff-Jerousek/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
Jeff-Jerousek/Cloud-PAW-Management
Microsoft Endpoint Manager (Intune) Cloud Privileged Access Workstation (PAW) Lifecycle Management and Deployment App.
Jeff-Jerousek/CVE-2021-40444--CABless
Modified code so that we don't need to rely on CAB archives
Jeff-Jerousek/DefenderNotify
NotifyIcon for Defender from WMI Event Watcher task
Jeff-Jerousek/Fbpf-hookdetect
Detect syscall hooking using eBPF
Jeff-Jerousek/Fcmd32
Fork of https://github.com/klinix5/InstallerFileTakeOver
Jeff-Jerousek/fRPCDump
Jeff-Jerousek/heyserial
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
Jeff-Jerousek/HiveNightmare
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11
Jeff-Jerousek/LiveDiffAD
AD Live changes viewer
Jeff-Jerousek/Pachine
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
Jeff-Jerousek/pcodedmp
A VBA p-code disassembler
Jeff-Jerousek/pinvoke
PowerShell module containing all the PInvoke signatures published by Microsoft.
Jeff-Jerousek/PSPrivilege
Manage process privileges and adjust Windows rights/privileges in PowerShell
Jeff-Jerousek/ReverseRDP_RCE
Jeff-Jerousek/RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
Jeff-Jerousek/Run-in-Sandbox
Run PS1, VBS, EXE, MSI in Windows Sandbox very quickly just from a right-click
Jeff-Jerousek/scripts
Jeff-Jerousek/SDNNested
Jeff-Jerousek/securedworkstation
Intune managed Secured workstation
Jeff-Jerousek/sysmon-config
Sysmon configuration file template with default high-quality event tracing
Jeff-Jerousek/SysmonSimulator
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, for use by blue teams in testing EDR detections and correlation rules.
Jeff-Jerousek/UEFITool
UEFI firmware image viewer and editor
Jeff-Jerousek/WDACTools
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
Jeff-Jerousek/zipsign
Sign and verify ZIP archives