Pinned Repositories
ADenum
AD Enum is a pentesting tool that finds misconfigurations through the LDAP protocol and exploits some of those weaknesses with Kerberos.
bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
CVE-2021-34527
CVE-2024-38077-MadLicense
RCE caused by a heap overflow in RDL
DFSCoerce
DSInternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
Get-LAPSPasswords
PowerShell function to pull the local admin passwords from LDAP, stored there by LAPS.
gMSADumper
Lists who can read any gMSA password blobs and parses them if the current user has access.
MiMaz7707's Repositories
MiMaz7707/ADenum
AD Enum is a pentesting tool that finds misconfigurations through the LDAP protocol and exploits some of those weaknesses with Kerberos.
MiMaz7707/bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
MiMaz7707/Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
MiMaz7707/CVE-2024-38077-MadLicense
RCE caused by a heap overflow in RDL
MiMaz7707/DFSCoerce
MiMaz7707/DSInternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
MiMaz7707/gMSADumper
Lists who can read any gMSA password blobs and parses them if the current user has access.
MiMaz7707/impacket-cube0x0
Impacket is a collection of Python classes for working with network protocols.
MiMaz7707/Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
MiMaz7707/krbrelayx
Kerberos unconstrained delegation abuse toolkit
MiMaz7707/LdapRelayScan
Check for LDAP protections regarding the relay of NTLM authentication
MiMaz7707/ntlmv1-multi
NTLMv1 Multitool
MiMaz7707/GMSAPasswordReader
MiMaz7707/KerberOPSEC
OPSEC safe Kerberoasting in C#
MiMaz7707/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
MiMaz7707/ldapsearch-ad
Python3 script to quickly get various information from a domain controller through its LDAP service.
MiMaz7707/PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
MiMaz7707/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
MiMaz7707/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
MiMaz7707/PrintNightmare
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)
MiMaz7707/pypykatz
Mimikatz implementation in pure Python
MiMaz7707/rpcfirewall
MiMaz7707/Rubeus
Trying to tame the three-headed dog.
MiMaz7707/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
MiMaz7707/ShadowCoerce
MS-FSRVP coercion abuse PoC
MiMaz7707/SharpMapExec
MiMaz7707/SpoolSample
PoC tool to coerce Windows hosts to authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
MiMaz7707/Wazuh-Rules
MiMaz7707/windows-coerced-authentication-methods
A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
MiMaz7707/zui-insiders
Releases for the Zui Insiders app.