Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ActiveDirectory
Apuntes Pentesting a ActiveDirectory PentesterAcademy
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
AD-Pentesting-Notes
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
AZ-104-MicrosoftAzureAdministrator
AZ-104 Microsoft Azure Administrator
Azure-Sentinel-Threat-Intelligence
Repository containing scripts to add IOCs of known attacks/vulnerabilities
commix
Automated All-in-One OS Command Injection Exploitation Tool.
tfmarques23's Repositories
tfmarques23/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
tfmarques23/AD-Pentesting-Notes
tfmarques23/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
tfmarques23/Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
tfmarques23/AZ-104-MicrosoftAzureAdministrator
AZ-104 Microsoft Azure Administrator
tfmarques23/commix
Automated All-in-One OS Command Injection Exploitation Tool.
tfmarques23/CRTO
Certified Red Team Operator
tfmarques23/CVE-2022-29072
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.
tfmarques23/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
tfmarques23/EmailSecCheck
EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.
tfmarques23/Go365
An Office365 User Attack Tool
tfmarques23/htrace.sh
My simple Swiss Army knife for http/https troubleshooting and profiling.
tfmarques23/LinksToLeaks
tfmarques23/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
tfmarques23/noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
tfmarques23/ntlmrelayx2proxychains
tfmarques23/OSCP_notes
OSCP Guide
tfmarques23/Pandoras-Box
This repo contains my custom scripts for Penetration Testing and Red Team Assessments. I will keep on updating this repo as and when I get time.
tfmarques23/Pentest-Tools
tfmarques23/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
tfmarques23/pscan
Multiprocessing Port Scanner
tfmarques23/RedTeamPowershellScripts
Various PowerShell scripts that may be useful during red team exercise
tfmarques23/routersploit
Exploitation Framework for Embedded Devices
tfmarques23/sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
tfmarques23/ShomeCheatsheet
tfmarques23/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
tfmarques23/tfmarques23
Config files for my GitHub profile.
tfmarques23/VeraCryptThief
Extracting clear-text passwords from VeraCrypt.exe using API hooking
tfmarques23/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
tfmarques23/WinPwn
Automation for internal Windows Penetrationtest / AD-Security