Pinned Repositories
ADSearch
A tool to help query AD via the LDAP protocol
Awesome-Redteam
A red team knowledge repository
Certify
Active Directory certificate abuse.
CVE-2022-3368
f403
A concurrent scanner for bypassing 40x pages during penetration testing, written in Go
ForgeCert
"Golden" certificates
FUD-UUID-Shellcode
GetFGPP
Get Fine Grained Password Policy
GOAD
game of active directory
thinkphp
A small script for detecting SQL injection in thinkphp3.2.3
cmjlove1's Repositories
cmjlove1/active-directory-firewall
Active Directory Firewall
cmjlove1/ADcheck
cmjlove1/ADeleginator
A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
cmjlove1/ARL
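ARL (Asset Reconnaissance Lighthouse) is a system designed to quickly reconnoiter the internet assets associated with a target and build a baseline asset information repository. It helps in-house security teams and penetration testers effectively reconnoiter and search assets and discover weak points and attack surface.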
cmjlove1/AutoAppDomainHijack
Automated .NET AppDomain hijack payload generation
cmjlove1/aws-recon
Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
cmjlove1/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
cmjlove1/Client-Checker
cmjlove1/CVE-2024-4323-Exploit-POC
This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.
cmjlove1/darkPulse
darkPulse is a shellcode packer written in Go, used to generate a wide variety of shellcode loaders; it currently evades Huorong, 360, and 360 Core Crystal.
cmjlove1/dploot
DPAPI looting remotely in Python
cmjlove1/dredge
Dredging up secrets from the depths of the file system
cmjlove1/EDRaser
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
cmjlove1/go-msrpc
The DCE/RPC / MS-RPC Codegen/Client for Go
cmjlove1/Invoke-RunAsWithCert
A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
cmjlove1/LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
cmjlove1/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
cmjlove1/ludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.
cmjlove1/MMS2024Demos
Demo code for MMS 2024
cmjlove1/NetExec-Wiki
This is the repository which is synced to the gitbook wiki at https://www.netexec.wiki/
cmjlove1/no-defender
A slightly more fun way to disable windows defender. (through the WSC api)
cmjlove1/OPSEC-Tradecraft
Collection of OPSEC Tradecraft and TTPs for Red Team Operations
cmjlove1/OUned
The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
cmjlove1/POC-exp
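A curated collection of vulnerability exploits/PoCs, most of them sourced from the internet; more than 400 PoCs/exploits have been collected so far, with long-term updates.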
cmjlove1/RelabelAbuse
cmjlove1/RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
cmjlove1/ScriptSentry
ScriptSentry finds misconfigured and dangerous logon scripts.
cmjlove1/SearchAvailableExe
Finds exploitable whitelisted files
cmjlove1/smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
cmjlove1/TierZeroTable
Table of AD and Azure assets and whether they belong to Tier Zero