Pinned Repositories
A-Red-Teamer-diaries
Red_teaming/Pentesting notes and experiments for a real world engagements
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
algorithms
Minimal examples of data structures and algorithms in Python
Amass
In-depth DNS Enumeration and Network Mapping
awesome-python
A curated list of awesome Python frameworks, libraries, software and resources
defarbs.github.io
The official GitHub site for Farbs!
dompdf-exploit
Exploit for systems running dompdf 0.6.0 or lower. Tested on version 0.6.0 as well as all 0.6.0 beta versions.
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
defarbs's Repositories
defarbs/defarbs.github.io
The official GitHub site for Farbs!
defarbs/adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
defarbs/dompdf-exploit
Exploit for systems running dompdf 0.6.0 or lower. Tested on version 0.6.0 as well as all 0.6.0 beta versions.
defarbs/A-Red-Teamer-diaries
Red_teaming/Pentesting notes and experiments for a real world engagements
defarbs/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
defarbs/Amass
In-depth DNS Enumeration and Network Mapping
defarbs/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
defarbs/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
defarbs/chomp-scan
A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
defarbs/Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
defarbs/code-snippets
Various code snippets
defarbs/CrackMapExec
A swiss army knife for pentesting networks
defarbs/dearg-thread-ipc-stealth
A novel technique to communicate between threads using the standard ETHREAD structure
defarbs/domained
Multi Tool Subdomain Enumeration
defarbs/GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
defarbs/OSCP-Exam-Report-Template
Modified template for the OSCP Exam. Used it during my passing attempt
defarbs/OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
defarbs/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
defarbs/Platypus
:hammer: A modern multiple reverse shell sessions manager written in go
defarbs/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
defarbs/ROPgadget
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
defarbs/ropstar
Automatic exploit generation for simple linux pwn challenges.
defarbs/sherlock
🔎 Find usernames across social networks
defarbs/stego-toolkit
Collection of steganography tools - helps with CTF challenges
defarbs/T.D.P
Using Thread Description To Hide Shellcode
defarbs/THRecon
Threat Hunting Reconnaissance Toolkit
defarbs/VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
defarbs/vulnerable_xss
defarbs/wdb
An improbable web debugger through WebSockets
defarbs/windapsearch
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries