Stars
CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability
A tool matrix for Russian APTs based on the Ransomware Tool Matrix
Active Directory data collector for BloodHound written in Rust. 🦀
PoC to coerce authentication from Windows hosts using MS-WSP
A Go implementation of Cobalt Strike style BOF/COFF loaders.
GO Simple Tunnel - a simple tunnel written in golang
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
C# POC to extract NetNTLMv1/v2 hashes from ETW provider
Leak of any user's NetNTLM hash. Fixed in KB5040434
A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, function hooking or Import Address Table (IAT) modification.
Monitor changes in Active Directory with replication metadata
This is a way to load shellcode and obfuscate it so that it avoids scan-time detection.
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
Sniffs sensitive data from interface or pcap
Position Independent Code to extract the clear text password from mstsc.exe using API Hooking via HWBP.
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
Loads a remote AES-encrypted PE into memory, decrypts it and runs it
A comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
Microsoft-Outlook-Remote-Code-Execution-Vulnerability