Pinned Repositories
bruteforce-scripts
CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
Farmer
GetAdDecodedPassword
This tool queries Active Directory for users with the UnixUserPassword, UserPassword, unicodePwd, or msSFU30Password properties populated. It then decodes those password fields and displays them to the user.
GoLoadTest
NMap-xml-to-docx
NTFSCopy
NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.
PPLKiller
Tool to bypass LSA Protection (aka Protected Process Light)
SharpHashSpray
An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.
WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
RedCursorSecurityConsulting's Repositories
RedCursorSecurityConsulting/PPLKiller
Tool to bypass LSA Protection (aka Protected Process Light)
RedCursorSecurityConsulting/CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
RedCursorSecurityConsulting/NTFSCopy
NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.
RedCursorSecurityConsulting/SharpHashSpray
An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.
RedCursorSecurityConsulting/NMap-xml-to-docx
RedCursorSecurityConsulting/GetAdDecodedPassword
This tool queries Active Directory for users with the UnixUserPassword, UserPassword, unicodePwd, or msSFU30Password properties populated. It then decodes those password fields and displays them to the user.
RedCursorSecurityConsulting/bruteforce-scripts
RedCursorSecurityConsulting/WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
RedCursorSecurityConsulting/Farmer
RedCursorSecurityConsulting/GoLoadTest
RedCursorSecurityConsulting/nmap2docx-ng
A revised single file replacement for the old nmap2docx program