TheWover

TheWover's Stars

• flipperdevices/flipperzero-firmware

  Flipper Zero firmware source code

  Language:C13.4k3041.1k2.8k

• OpenCTI-Platform/opencti

  Open Cyber Threat Intelligence Platform

  Language:TypeScript6.6k1435.6k971

• itm4n/PrivescCheck

  Privilege Escalation Enumeration Script for Windows

  Language:PowerShell3.1k8350439

• ly4k/Certipy

  Tool for Active Directory Certificate Services enumeration and abuse

  Language:Python2.5k31163344

• topotam/PetitPotam

  PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

  Language:C1.9k276288

• cube0x0/CVE-2021-1675

  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

  Language:C#1.9k4364585

• center-for-threat-informed-defense/adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  Language:C1.8k14375318

• klezVirus/inceptor

  Template-Driven AV/EDR Evasion Framework

  Language:Assembly1.6k3748268

• GhostPack/Certify

  Active Directory certificate abuse.

  Language:C#1.6k3028220

• Dec0ne/KrbRelayUp

  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

  Language:C#1.6k2323208

• OmerYa/Invisi-Shell

  Hide your Powershell script in plain sight. Bypass all Powershell security features

  Language:C++1.1k422162

• bats3c/DarkLoadLibrary

  LoadLibrary for offensive operations

  Language:C1.1k258206

• eladshamir/Whisker

  Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

  Language:C#829103102

• GhostPack/PSPKIAudit

  PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.

  Language:PowerShell8233224116

• serge1/ELFIO

  ELFIO is a header-only C++ library for reading and generating ELF (Executable and Linkable Format) files.

  Language:C++7522969162

• optiv/Ivy

  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

  Language:Go7422121129

• GhostPack/ForgeCert

  "Golden" certificates

  Language:C#647191109

• hasherezade/process_ghosting

  Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

  Language:C6351212114

• D00MFist/Mystikal

  macOS Initial Access Payload Generator

  Language:Python2909439

• zer1t0/certi

  ADCS abuser

  Language:Python2654431

• D00MFist/PersistentJXA

  Collection of macOS persistence methods and miscellaneous tools in JXA

  Language:JavaScript26415027

• xforcered/StandIn

  StandIn is a small .NET35/45 AD post-exploitation toolkit

  Language:C#2538030

• paranoidninja/Process-Instrumentation-Syscall-Hook

  A simple program to hook the current process to identify the manual syscall executions on windows

  Language:C2509046

• tonghuaroot/Awesome-macOS-Red-Teaming

  List of Awesome macOS Red Teaming Resources.

  2254034

• zodiacon/WinSpy

  Enhanced version of the classic Spy++ tool

  Language:C++17810350

• its-a-feature/Orchard

  JavaScript for Automation (JXA) tool to do Active Directory enumeration.

  Language:JavaScript993115

• n1nj4sec/pymemimporter

  import pyd or execute PE all from memory using only pure python code and some shellcode tricks

  Language:Python736415

• netmeld/netmeld

  A tool suite for use during system assessments.

  Language:C++352828

• hasherezade/libpeconv_and_detours_tpl

  A template for projects using both libPeConv and MS Detours

  Language:C++13504

• HiraokaHyperTools/LibEnumRemotePreviousVersion

  Invoke FSCTL_SRV_ENUMERATE_SNAPSHOTS for remote share.

  Language:C#7400