Maester is a PowerShell based test automation framework to help you stay in control of your Microsoft security configuration.

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

Quelques conseils autour des obligations légales, fiscales et juridique pour la pratique du Bug Bounty en France

display a very bright white color on HDR-enabled displays

Azure AD cheatsheet for the CARTP course

An implementation of a Windows Event Collector server running on GNU/Linux.

gmsad manages Active Directory group Managed Service Account (gMSA) on Linux

Tenable.ad IOA module event logs listener

Active Directory delegation management tool

AD Live changes viewer

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Vulnerabilities, exploits, and PoCs

Resources for our Active Directory security workshops

Proof-of-concept tools for my AD Forest trust research

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

A little toolbox to play with Microsoft Kerberos in C

A little tool to play with Windows security

Exchange privilege escalations to Active Directory

Détection d'anomalie à partir des journaux d'authentification Windows

Expriments

AADInternals PowerShell module for administering Azure AD and Office 365

Lab files & scripts for our articles in MISC regarding Active Directory trusts relationships

AD Security Intrusion Detection System

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Six Degrees of Domain Admin

Directory Services Internals (DSInternals) PowerShell Module and Framework

Old CIS benchmarks archive

A list of useful payloads and bypass for Web Application Security and Pentest/CTF