Pinned Repositories
arachni
Web Application Security Scanner Framework
Cheatsheets-1
Penetration Testing/Security Cheatsheets
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
filipesam's Repositories
filipesam/AhMyth
Cross-Platform Android Remote Administration Tool | Official maintained repository for the AhMyth R.A.T Project | A dedicated revival of the original repository at https://GitHub.com/AhMyth/AhMyth-Android-RAT
filipesam/asysocks
Socks5 / Socks4 client and server library
filipesam/Awesome-Cybersecurity-Handbooks
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
filipesam/Azure-Red-Team
Azure Security Resources and Notes
filipesam/C2_RedTeam_CheatSheets
Useful C2 techniques and cheatsheets learned from engagements
filipesam/ccmpwn
sccm ccmpwn
filipesam/cheatsheets-2
Random pentest notes. Use your Ctrl-F to navigate around
filipesam/corkscrew
A tool for tunneling SSH through HTTP proxies
filipesam/CS-Remote-OPs-BOF
filipesam/CSharp-Alt-Shellcode-Callbacks
A collection of (even more) alternative shellcode callback methods in CSharp
filipesam/DictionShellcode
Encode shellcode into dictionary words for evasion and entropy reduction
filipesam/EventLogCrasher
filipesam/FaceDancer
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
filipesam/ForgeArmory
ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
filipesam/Founding
Founding is generator that will create a new binary encrypted or obfuscated with different execution types
filipesam/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
filipesam/MemReader_BoF
filipesam/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
filipesam/MS-SharePoint-July-Patch-RCE-PoC
filipesam/MSC_Dropper
filipesam/npk
A mostly-serverless distributed hash cracking platform
filipesam/OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
filipesam/PassTheCert
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
filipesam/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
filipesam/pssrecon
filipesam/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
filipesam/ruler
A tool to abuse Exchange services
filipesam/speakeasy
Windows kernel and user mode emulation.
filipesam/VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
filipesam/ZigStrike