Pinned Repositories
ad_ldap_dumper
Security focused tool for dumping information from Active Directory via LDAP
aws_url_signer
POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
breakableflask
Simple vulnearable Flask web application
CVE-2022-46164-poc
Basic POC exploit for CVE-2022-46164
hlextend
Pure Python hash length extension module
pentesting_stuff
A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.
shellcode
Various shell code I have written
ssltest
SSL/TLS cipher testing tool
vulnserver
Vulnerable server used for learning software exploitation
stephenbradshaw's Repositories
stephenbradshaw/hlextend
Pure Python hash length extension module
stephenbradshaw/aws_url_signer
POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
stephenbradshaw/pentesting_stuff
A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.
stephenbradshaw/ad_ldap_dumper
Security focused tool for dumping information from Active Directory via LDAP
stephenbradshaw/CVE-2022-46164-poc
Basic POC exploit for CVE-2022-46164
stephenbradshaw/BurpPythonGateway
Uses py4j to make Burp Extender internals available to Python code and interactive interpreters like iPython
stephenbradshaw/offsecfeed
RSS feed of offensive security topics http://thegreycorner.com/offsecfeed/
stephenbradshaw/CSharpInjectorLibrary
Reference injectable DLL in C# that provides a number of example methods for reproducing various TTPs
stephenbradshaw/detectionlab_mod
Files related to my own DetectionLab deployment process
stephenbradshaw/Red-Lambda
Leveraging AWS Lambda Function URLs for C2 Redirection
stephenbradshaw/DonPAPI
Dumping DPAPI credz remotely
stephenbradshaw/OffensivePipeline
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
stephenbradshaw/sliver
Adversary Emulation Framework
stephenbradshaw/stephenbradshaw
Github profile repository
stephenbradshaw/stephenbradshaw.github.io
Website
stephenbradshaw/charlotte
c++ fully undetected shellcode launcher ;)
stephenbradshaw/GOAD
game of active directory - libvirt compatible fork
stephenbradshaw/impacket
Impacket is a collection of Python classes for working with network protocols.
stephenbradshaw/inject
Minimal DLL-injection tool.
stephenbradshaw/keyctl
A Go-lang interface to the linux kernel keyring api
stephenbradshaw/poseidon
Poseidon is a Golang agent targeting Linux and macOS
stephenbradshaw/Security-Research
Exploits written by the Rhino Security Labs team
stephenbradshaw/AD_Attack_Tool
Flexible Active Directory attack tool
stephenbradshaw/azurenum
Enumerate Microsoft Entra ID (Azure AD) fast
stephenbradshaw/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
stephenbradshaw/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
stephenbradshaw/FindMeAccess
stephenbradshaw/polenum
Uses Core's Impacket Library to get the password policy from a windows machine
stephenbradshaw/ROADtools
A collection of Azure AD/Entra tools for offensive and defensive security purposes
stephenbradshaw/ysoserial
forked from wh1t3p1g/ysoserial (added payloads) and fixes/notes for compiling