revol's Stars
Pennyw0rth/NetExec
The Network Execution Tool
GhostPack/Certify
Active Directory certificate abuse.
dafthack/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
Mazars-Tech/AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
Octoberfest7/TeamsPhisher
Send phishing messages and attachments to Microsoft Teams users
Accenture/Spartacus
Spartacus DLL/COM Hijacking Toolkit
3F/DllExport
.NET DllExport with .NET Core support (aka 3F/DllExport aka DllExport.bat)
mrwadams/attackgen
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
swisskyrepo/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
dafthack/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
DavidBuchanan314/monomorph
MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
ShutdownRepo/pywhisker
Python version of the C# tool for "Shadow Credentials" attacks
soteria-security/365Inspect
A PowerShell script that automates the security assessment of Microsoft 365 environments.
klezVirus/chameleon
PowerShell Script Obfuscator
CICADA8-Research/RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Orange-Cyberdefense/awesome-industrial-protocols
Security-oriented list of resources about industrial network protocols.
zblurx/dploot
DPAPI looting remotely and locally in Python
Bdenneu/CVE-2022-33679
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
GoSecure/WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
stealthsploit/OneRuleToRuleThemStill
A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule
mitchmoser/SharpShares
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
MzHmO/PowershellKerberos
Some scripts to abuse kerberos using Powershell
patrickhener/goshs
A SimpleHTTPServer written in Go, enhanced with features and with a nice design - https://goshs.de
doyensec/wsrepl
WebSocket REPL for pentesters
Warxim/deluder
Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
LuemmelSec/Client-Checker
shipcod3/canTot
quick and dirty canbus h4xing framework
r1cksec/corptrace
Automate Scoping, OSINT and Recon assessments.
fkasler/dolosjs
Red Team "Drop and Run" NAC (802.1x) Bypass
ThePorgs/Exegol-docs
Documentation for Exegol