Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.

An enterprise friendly way of detecting and preventing secrets in code.

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

BOF to steal browser cookies & credentials

Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.

Simple Windows desktop application for viewing & querying Apache Parquet files

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.

Base16 for Shells

Gogh is a collection of color schemes for various terminal emulators, including Gnome Terminal, Pantheon Terminal, Tilix, and XFCE4 Terminal also compatible with iTerm on macOS.

A BOF that runs unmanaged PEs inline

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supporte…

This small utility retrieves from the CommonCrawl data set unique subdomains for a given domain name.

Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies

Convert an LDIF file to JSON files ingestible by BloodHound

Fast DNS Lookup Library and CLI Tool

Chameleon: A tool for evading Proxy categorisation

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

GPUProfiler for Linux

Python library for reading and writing Windows shortcut files (.lnk). Python 3 only.

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

.NET Project for Attacking vCenter

EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

PowerShell rebuilt in C# for Red Teaming purposes