Pinned Repositories
ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Evilginx-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
ExecRemoteNET
Execute Remote Assembly with args passing and with AMSI and ETW patching.
Gat
Golang Access Tool
Hak5Devices
Custom versions of Public Hak5Device scripts and tools.
KISS
Kali Setup Script
RemotePE
Loading Fileless Remote PE from URI to memory with argument passing, ETW patching, NTDLL unhooking and the No New Thread technique. It runs only C/C++/ASM based binaries.
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
m1ddl3w4r3's Repositories
m1ddl3w4r3/Base-Install-Scripts
Hosting location for Win10 New machine image
m1ddl3w4r3/Gat
Golang Access Tool
m1ddl3w4r3/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
m1ddl3w4r3/ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
m1ddl3w4r3/koth_simulator
A simulation of the RFCTF KOTH game.
m1ddl3w4r3/wacker
A WPA3 dictionary cracker
m1ddl3w4r3/wifi_db
Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes, MGT identities, interesting relations between APs, clients and their probes, WPS information and a global view of all the APs seen.
m1ddl3w4r3/PSpersist
Dropping a PowerShell script at %HOMEPATH%\Documents\WindowsPowershell\ that contains the implant's path, so that whenever a PowerShell process is created, the implant is executed too.
m1ddl3w4r3/Shellcode-Hide
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
m1ddl3w4r3/ElusiveMice
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
m1ddl3w4r3/PowerHuntShares
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
m1ddl3w4r3/m1ddl3w4r3.github.io
m1ddl3w4r3/pi-pwnbox-rogueap
Homemade Pwnbox / Rogue AP based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap
m1ddl3w4r3/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active D
m1ddl3w4r3/Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
m1ddl3w4r3/Invoke-CommandAs
Invoke Command As System/Interactive/GMSA/User on Local/Remote machine & returns PSObjects.
m1ddl3w4r3/eaphammer
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
m1ddl3w4r3/m1ddl3w4r3
m1ddl3w4r3/linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
m1ddl3w4r3/RemotePE
Loading Fileless Remote PE from URI to memory with argument passing, ETW patching, NTDLL unhooking and the No New Thread technique. It runs only C/C++/ASM based binaries.
m1ddl3w4r3/ExecRemoteNET
Execute Remote Assembly with args passing and with AMSI and ETW patching.
m1ddl3w4r3/certi
ADCS abuser
m1ddl3w4r3/noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
m1ddl3w4r3/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
m1ddl3w4r3/hak5-submissions
This is a collection of my pentesting scripts I have come up with
m1ddl3w4r3/lnkbomb
Malicious shortcut generator for collecting NTLM hashes from insecure file shares.
m1ddl3w4r3/Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
m1ddl3w4r3/Windows-and-Active-Directory
m1ddl3w4r3/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
m1ddl3w4r3/Wi-Fi-Evil-Twin