BloodyAD is an Active Directory Privilege Escalation Framework

Binaries for the book Practical Malware Analysis

Fake Protocol Server

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

A tool that shows detailed information about named pipes in Windows

New generation of wmiexec.py

Impacket is a collection of Python classes for working with network protocols.

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Tool for Active Directory Certificate Services enumeration and abuse

The Network Execution Tool

The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

Re-play Security Events

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

Tool to remotely dump secrets from the Windows registry

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

game of active directory

Cobalt Strike HTTPS beaconing over Microsoft Graph API

This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

An offensive data enrichment pipeline

OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.

Red Teaming Tactics and Techniques

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Tools and Techniques for Red Team / Penetration Testing

A light-weight first-stage C2 implant written in Nim (and Rust).

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.