A fork of the great TokenTactics with support for CAE and token endpoint v2

A toolkit for your red team operations

Hide your Powershell script in plain sight. Bypass all Powershell security features

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

Determine if the WebClient Service (WebDAV) is running on a remote system

TCP Port Redirection Utility

Certified Red Team Operator (CRTO) Cheatsheet and Checklist

Framework for Kerberos relaying

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Microsoft signed ActiveDirectory PowerShell module

StandIn is a small .NET35/45 AD post-exploitation toolkit

OSINT Tool For Scraping Dark Websites

Malicious WMI Events using PowerShell

The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.

SharpUp is a C# port of various PowerUp functionality.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Inject remote template link into word document for remote template injection

OneForAll是一款功能强大的子域收集工具

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Username enumeration and password spraying tool aimed at Microsoft O365.

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

Daily feed of bad IPs (with blacklist hit scores)

🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.

Hourly Checked and Updated Spamhaus IP Addresses lists