Pinned Repositories
Course_AWS_Certified_Machine_Learning
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
marcostolosa's Repositories
marcostolosa/Course_AWS_Certified_Machine_Learning
marcostolosa/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
marcostolosa/adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
marcostolosa/ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
marcostolosa/audioFlux
A library for audio and music analysis, feature extraction.
marcostolosa/CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
marcostolosa/Dehashed
This repo contains scripts to query dehashed.com and crack the returned hashes which will then save all cleartext passwords and hashes to files.
marcostolosa/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
marcostolosa/Drake-Music-Clustering
Utilize Spotify web API data to create unique playlists through clustering
marcostolosa/Empire
Empire is a PowerShell and Python 3.x post-exploitation framework.
marcostolosa/fping
High performance ping tool
marcostolosa/GMSAPasswordReader
marcostolosa/gpp-decrypt
Tool to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.
marcostolosa/grpcui
An interactive web UI for gRPC, along the lines of postman
marcostolosa/grpcurl
Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers
marcostolosa/jadx
Dex to Java decompiler
marcostolosa/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
marcostolosa/linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
marcostolosa/LyricsGenius
Download song lyrics and metadata from Genius.com 🎶🎤
marcostolosa/marcostolosa.github.io
marcostolosa/mimikatz-1
marcostolosa/nba-mvp-ml-modeling
using statistical and machine learning models to predict NBA's MVP award
marcostolosa/net-creds
Sniffs sensitive data from interface or pcap
marcostolosa/noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
marcostolosa/PentestGPT
A GPT-empowered penetration testing tool
marcostolosa/PKINITtools
Tools for Kerberos PKINIT and relaying to AD CS
marcostolosa/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
marcostolosa/SpotiFile
Spotify scraper
marcostolosa/tcpdump
the TCPdump network dissector
marcostolosa/WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.