Pinned Repositories
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
SanC2
Python Command and Control (C2)
ADModule
Microsoft signed ActiveDirectory PowerShell module
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
BeRoot
Privilege Escalation Project - Windows / Linux / Mac
BloodHound
Six Degrees of Domain Admin
CVE-2021-4034
pkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034
CVE-2021-4035
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
sanchious's Repositories
sanchious/Mastermind
sanchious/SanC2
Python Command and Control (C2)
sanchious/ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
sanchious/Invoke-ADEnum
Automate Active Directory Enumeration using PowerView
sanchious/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
sanchious/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
sanchious/SharpShooter
Payload Generation Framework
sanchious/OSEP-Tools
sanchious/security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
sanchious/CVE-2021-4034
pkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034
sanchious/CVE-2021-4035
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept
sanchious/LaZagne
Credentials recovery project
sanchious/sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
sanchious/OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
sanchious/reverse-interview
Questions to ask the company during your interview
sanchious/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
sanchious/Privesc
Windows batch script that finds misconfiguration issues which can lead to privilege escalation.
sanchious/tomcter
😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
sanchious/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
sanchious/BloodHound
Six Degrees of Domain Admin
sanchious/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
sanchious/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
sanchious/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sanchious/TJ-JPT
This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
sanchious/pentest-notes
👹 :japanese_ogre: :japanese_ogre:
sanchious/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
sanchious/BeRoot
Privilege Escalation Project - Windows / Linux / Mac
sanchious/dostackbufferoverflowgood
sanchious/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
sanchious/low-level-programming
Source code for 'Low-Level Programming' by Igor Zhirkov