✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com

Send phishing messages and attachments to Microsoft Teams users

A Python tool for ingesting HTML and producing HTML source suitable for phishing campaigns.

Dump Azure AD Connect credentials for Azure AD and Active Directory

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Find Microsoft Exchange instance for a given domain and identify the exact version

Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.

Quick POC to replicate the 'Follina' Office RCE vulnerability for local testing purposes

A technique of hiding malicious shellcode via Shannon encoding.

pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Bloodhound.

A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses!

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

Maximizing BloodHound. Max is a good boy.

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll

A Node.js / Express.js app using SendGrid's Inbound Parse to parse email data / attachments

Exactly what it sounds like, which is something rad

mergeness is a .nessus report file merge tool