This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Active Directory certificate abuse.

PowerSploit - A PowerShell Post-Exploitation Framework

A little tool to play with Windows security

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to

Kernel mode WinDbg extension and PoCs for token privilege investigation.

getsystem via parent process using ps1 & embeded c#

OSCP Cheatsheet by Sai Sathvik

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Wordlists for creating statistically likely username lists for use in password attacks and security testing

Single-file PHP shell

CLI & library to search for default credentials among thousands of Products / Vendors

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Linux enumeration tool for pentesting and CTFs with verbosity levels

Scripted Local Linux Enumeration & Privilege Escalation Checks

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF