The OS for your personal finances

The Network Execution Tool

Dump the memory of any PPL with a Userland exploit chain

Powerful RSA cracker for CTFs. Supports RSA, X509, OPENSSH in PEM and DER formats.

a map for the azure oriented pentests

You didn't think I'd go and leave the blue team out, right?

A Highly capable Pe Packer

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

A small POC to make defender useless by removing its token privileges and lowering the token integrity

Convert ldapdomaindump to Bloodhound

A unique technique to execute binaries from a password protected zip

Dump Azure AD Connect credentials for Azure AD and Active Directory

Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Reflective PE packer.

Kerberos unconstrained delegation abuse toolkit

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Recovers passwords from pixelized screenshots

Rich is a Python library for rich text and beautiful formatting in the terminal.

Automation for internal Windows Penetrationtest / AD-Security

Scanner for CVE-2020-0796 - SMBv3 RCE

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets MindMap 💡

Advanced scanner for CVE-2020-0796 - SMBv3 RCE

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Abusing impersonation privileges through the "Printer Bug"

RunasCs - Csharp and open version of windows builtin runas.exe

All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities

Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)