Pinned Repositories
htb-cli
Interact with Hackthebox using your terminal - Be faster and more competitive !
htb-cli-documentation
Official documentation for htb-cli
aclpwn.py
Active Directory ACL exploitation with BloodHound
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
gtsh
Exegol-images
Docker images of the Exegol project
qu35t-code's Repositories
qu35t-code/aclpwn.py
Active Directory ACL exploitation with BloodHound
qu35t-code/adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
qu35t-code/ASRepCatcher
Make everyone in your VLAN ASRep roastable
qu35t-code/DonPAPI
Dumping DPAPI credz remotely
qu35t-code/Exegol-images
Docker images of the Exegol project
qu35t-code/FindUncommonShares
FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.
qu35t-code/gMSADumper
Lists who can read any gMSA password blobs and parses them if the current user has access.
qu35t-code/gpp-decrypt
Tool to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.
qu35t-code/hashonymize
Anonymize your hashcat formatted files for online cracking
qu35t-code/KeePwn
A python tool to automate KeePass discovery and secret extraction.
qu35t-code/krbjack
A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.
qu35t-code/ldapdomaindump
Active Directory information dumper via LDAP
qu35t-code/ldapnomnom
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
qu35t-code/ldapsearch-ad
Python3 script to quickly get various information from a domain controller through his LDAP service.
qu35t-code/lightyear
lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
qu35t-code/MANSPIDER
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
qu35t-code/mitm6
pwning IPv4 via IPv6
qu35t-code/penelope
Penelope Shell Handler
qu35t-code/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
qu35t-code/polenum
Uses Core's Impacket Library to get the password policy from a windows machine
qu35t-code/pre2k
qu35t-code/pyLAPS
Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.
qu35t-code/pywhisker
Python version of the C# tool for "Shadow Credentials" attacks
qu35t-code/QU35T-code
qu35t-code/semgrep-rules
Semgrep rules registry
qu35t-code/smartbrute
Password spraying and bruteforcing tool for Active Directory Domain Services
qu35t-code/smbmap
SMBMap is a handy SMB enumeration tool
qu35t-code/sprayhound
Password spraying tool and Bloodhound integration
qu35t-code/targetedKerberoast
Kerberoast with ACL abuse capabilities
qu35t-code/uploader
Un script Python permettant de télécharger rapidement des fichiers sur une machine distante en fonction du système d'exploitation cible (Linux ou Windows), simplifiant ainsi le processus et facilitant la vitesse de téléchargement