Pinned Repositories
PingCastle-Notify
Monitor your PingCastle scans to highlight the rule diff between two scans
BackupOperatorToDA
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
ByP-SOP
🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
CVE-2019-0192
RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
CVE-2019-5418
CVE-2019-5418 - File Content Disclosure on Ruby on Rails
Padding-oracle-attack
:unlock: Padding oracle attack against PKCS7 :unlock:
poodle-PoC
:poodle: Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 :poodle:
Rails-doubletap-RCE
RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
NetExec
The Network Execution Tool
mpgn's Repositories
mpgn/BackupOperatorToDA
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
mpgn/Padding-oracle-attack
:unlock: Padding oracle attack against PKCS7 :unlock:
mpgn/poodle-PoC
:poodle: Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 :poodle:
mpgn/CVE-2019-5418
CVE-2019-5418 - File Content Disclosure on Ruby on Rails
mpgn/Rails-doubletap-RCE
RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)
mpgn/astudiaeth
Master CSI
mpgn/HallOfFame-Root-me.org
:skull: Root-me Hall Of Fame dashboard :skull:
mpgn/The-Hacker-Recipes
This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, IoT, social engineering, etc.
mpgn/discourse-cookie-token-domain
:cookie: Allows setting up a cookie token to authenticate users :cookie:
mpgn/docker_dashboard
mpgn/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
mpgn/impacket-cme
mpgn/PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
mpgn/BloodHound
Six Degrees of Domain Admin
mpgn/dploot
DPAPI looting remotely in Python
mpgn/Exegol-images
Docker images of the Exegol project
mpgn/impacket
Impacket is a collection of Python classes for working with network protocols.
mpgn/PingCastle-Notify
Send the result of a PingCastle scan into Slack and highlight the rule diff between two scans
mpgn/serviceDetector
Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
mpgn/1mm0rt41PC
mpgn/aardwolf
Asynchronous RDP client for Python (headless)
mpgn/c2-n-hop-with-ssf
https://mpgn.github.io/c2-n-hop-with-ssf/
mpgn/lsassy
Extract credentials from lsass remotely
mpgn/mpgn
mpgn/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
mpgn/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
mpgn/Portfolio
mpgn/Rubeus
Trying to tame the three-headed dog.
mpgn/sigma
Generic Signature Format for SIEM Systems
mpgn/tchou-tchou