Pinned Repositories
0xsp-Mongoose
A unique framework for cybersecurity simulation and red teaming operations: Windows auditing for newer vulnerabilities, misconfigurations and privilege escalation attacks, and replicating the tactics and techniques of an advanced adversary in a network.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AD-Pentesting-Notes
ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
ADGenerator
Active Directory Generator for upcoming domain pivoting course.
ADLab
Active Directory Lab for Penetration Testing
algorithms
Minimal examples of data structures and algorithms in Python
angr
A powerful and user-friendly binary analysis platform!
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
sumrecon
zpaav's Repositories
zpaav/ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
zpaav/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
zpaav/bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
zpaav/Havoc
The Havoc Framework
zpaav/Adaz
Deploy customizable Active Directory labs in Azure - automatically.
zpaav/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
zpaav/GOAD
game of active directory
zpaav/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
zpaav/Mythic
A collaborative, multi-platform, red teaming framework
zpaav/posh-dsc-windows-hardening
Windows OS Hardening with PowerShell DSC
zpaav/sliver
Implant framework
zpaav/sysmon-config-swift
Sysmon configuration file template with default high-quality event tracing
zpaav/ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
zpaav/TInjA
TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.
zpaav/AzureHunter
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
zpaav/BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
zpaav/Bitwarden_Self_Host
Automatically set up and host a Bitwarden instance on a Raspberry Pi or other Linux Server
zpaav/CRTP-cheatsheet
Cheatsheet for the commands learned in Attack and Defense Active Directory Lab
zpaav/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
zpaav/exploitation-course
Offensive Software Exploitation Course
zpaav/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
zpaav/iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
zpaav/karma_v2
karma v2 is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
zpaav/kerberoast
Kerberoast attack -pure python-
zpaav/Learning-C
A series of mini-projects used to learn C for beginners
zpaav/PacketSpy
PacketSpy
zpaav/PenetrationTesting_Notes-
My Notes about Penetration Testing
zpaav/Reconator
Automated Recon for Pentesting & Bug Bounty
zpaav/shellz
shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.
zpaav/velociraptor
Digging Deeper....