Rec916's Stars
chryzsh/awesome-bloodhound
A curated list of awesome BloodhoundAD resources
optiv/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
gtworek/Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
bohops/WSMan-WinRM
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object
mdsecactivebreach/Farmer
p3nt4/RunDLL.Net
Execute .Net assemblies using Rundll32.exe
Gerenios/AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
canix1/ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
samratashok/RACE
RACE is a PowerShell module for executing ACL attacks against Windows targets.
rasta-mouse/ThreatCheck
Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
Flangvik/NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
Ignitetechnologies/BurpSuite-For-Pentester
This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
rasta-mouse/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
FSecureLABS/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
mantvydasb/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
blacklanternsecurity/TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
mxrch/GHunt
🕵️♂️ Offensive Google framework.
dafthack/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
odedshimon/BruteShark
Network Analysis Tool
optiv/Talon
A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
0x90n/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
leoloobeek/LAPSToolkit
Tool to audit and attack LAPS environments
JoelGMSec/AutoRDPwn
The Shadow Attack Framework
lgandx/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
SadProcessor/CypherDog
PoSh BloodHound Dog Whisperer
som3canadian/Some-Tools
Some Pentest Tools. Install and keep up to date some pentesting tools. I used this to pass my OSCP exam.
nsacyber/Pass-the-Hash-Guidance
Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
Arvanaghi/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Flangvik/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.