Lists (1)
Sort Name ascending (A-Z)
Stars
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
Collection of C# projects. Useful for pentesting and redteaming.
A command and control framework written in rust.
Wireless keystroke injection attack platform
BSPWM environment with 18 themes. With a theme selector to change on the fly.
Dynamic and elegant desktop setup inspired by Material You, featuring auto-generated colors, fluid animations, and ripple effects for a cohesive, customizable user experience.
Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests and assumed breach exercises (red teaming)
Assist reverse tcp shells in post-exploration tasks
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
JustGetDA, a cheat sheet which will aid you through internal network & red team engagements.
This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.
A modern 64-bit position independent implant template
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
Powerful framework for rogue access point attack.
ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).
AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
Education purpose showing how the combination of useful tool could tweak a patched script can still be execute without detected. In this scenario I am using various step and tool including the a bi…
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing