Pinned Repositories
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
sectimes
Tried and tested
SeemantBisht's Repositories
SeemantBisht/sectimes
Tried and tested
SeemantBisht/ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
SeemantBisht/ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
SeemantBisht/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
SeemantBisht/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
SeemantBisht/aws-waf-security-automation
Amazon WAF Security Automation deployment (modular with Terraform)
SeemantBisht/bta
Open source Active Directory security audit framework.
SeemantBisht/caldera
An automated adversary emulation system
SeemantBisht/cascade-server
CASCADE Server
SeemantBisht/Cheats
Various Cheat Sheets
SeemantBisht/commercial
SeemantBisht/CredKing
Password spraying using AWS Lambda for IP rotation
SeemantBisht/DACL-and-SACL
SeemantBisht/DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
SeemantBisht/DeathStar
Automate getting Domain Admin using Empire (https://github.com/EmpireProject/Empire)
SeemantBisht/DomainCheck
DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.
SeemantBisht/domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
SeemantBisht/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
SeemantBisht/goddi
goddi (go dump domain info) dumps Active Directory domain information
SeemantBisht/HoneypotBuster
SeemantBisht/Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
SeemantBisht/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
SeemantBisht/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SeemantBisht/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
SeemantBisht/PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
SeemantBisht/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
SeemantBisht/Remediation-kits
For Implementing CIS Controls in Different Operating Systems
SeemantBisht/Scout2
Security auditing tool for AWS environments
SeemantBisht/Understanding-Windows-Authorization
SeemantBisht/webshell
This is a webshell open source project