Defeating Windows User Account Control

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Collection of UAC Bypass Techniques Weaponized as BOFs

Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot

A collection of scripts for assessing Microsoft Azure security

Enumerate the permissions associated with AWS credential set

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Scan for misconfigured S3 buckets across S3-compatible APIs!

Multi-Cloud Security Auditing Tool

User-friendly AI Interface (Supports Ollama, OpenAI API, ...)

A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec

A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)

ShellCodeLoader via DInvoke

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

ScareCrow - Payload creation framework designed around EDR bypass.

LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113

A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.

Phishing Tool & Information Collector

This map lists the essential techniques to bypass anti-virus and EDR

DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

Spartacus DLL/COM Hijacking Toolkit

A BOF that runs unmanaged PEs inline

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Resp…

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Because AV evasion should be easy.

Small and highly portable detection tests based on MITRE's ATT&CK.