application server attack toolkit

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

iOS/macOS Research Swiss Army Knife

Python DNS Name Server Framework

红蓝对抗：钓鱼演练资源汇总&备忘录

game of active directory

Fast and customizable vulnerability scanner based on simple YAML based DSL.

HVNC for Cobalt Strike

Deck | Track is a P2P track library management program

Swift 5 macOS agent

A repository containing a custom Traktor mapping for the Launch Control XL

A C# utility for interacting with SCCM

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

A .NET tool for exporting and importing certificates without touching disk.

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it w…

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Managed assembly shellcode generation

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

LoadLibrary for offensive operations

Collection of Beacon Object Files

Proof of Concepts

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

A tool to perform Kerberos pre-auth bruteforcing