WinToast is a lightly library written in C++ which brings a complete integration of the modern toast notifications of Windows 8 & Windows 10. Toast notifications allows your app to inform the users…

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

Rust Weaponization for Red Team Engagements.

HardeningKitty and Windows Hardening Settings

A list of all the DLLs export in C:\windows\system32\

Windows NTLM Authentication Backdoor

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

code for the Proxy DLL example blog post

FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.

Dumping DPAPI credz remotely

C++ WinRM API via Reflective DLL

Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527

A little tool to play with Outlook

Proof of concept - Covert Channel using Windows Filtering Platform (C#)

Red Team Attack Lab for TTP testing & research

A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…

Trying to tame the three-headed dog.

Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals AutoLogon

AdmPwd project

Windows Privilege Escalation from User to Domain Admin.

A Generic Windows Memory Scraping Tool

A User Impersonation tool - via Token or Shellcode injection

TCP Port Redirection Utility

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

Smart Card PIN swiping DLL

Script to decrypt / import chromium (edge/chrome) cookies

RDPThief donut shellcode inject into mstsc