swzhouu
Follow
Stars
swzhouu / SigmaPotato
Forked from tylerdotrar/SigmaPotatoSeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
swzhouu / hashgrab
Forked from xct/hashgrabgenerate payloads that force authentication against an attacker machine
swzhouu / gMSADumper
Forked from micahvandeusen/gMSADumperLists who can read any gMSA password blobs and parses them if the current user has access.
swzhouu / pywhisker
Forked from ShutdownRepo/pywhiskerPython version of the C# tool for "Shadow Credentials" attacks
swzhouu / BadAssMacros
Forked from Inf0secRabbit/BadAssMacrosBadAssMacros - C# based automated Malicous Macro Generator.
swzhouu / Rubeus
Forked from GhostPack/RubeusTrying to tame the three-headed dog.
swzhouu / impacket
Forked from fortra/impacketImpacket is a collection of Python classes for working with network protocols.
swzhouu / mimikatz
Forked from gentilkiwi/mimikatzA little tool to play with Windows security
swzhouu / BloodHound.py
Forked from dirkjanm/BloodHound.pyA Python based ingestor for BloodHound
swzhouu / BloodHound
Forked from BloodHoundAD/BloodHoundSix Degrees of Domain Admin
swzhouu / SharpHound
Forked from BloodHoundAD/SharpHoundC# Data Collector for BloodHound
swzhouu / HostRecon
Forked from dafthack/HostReconThis function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users…
swzhouu / PowerSploit
Forked from PowerShellMafia/PowerSploitPowerSploit - A PowerShell Post-Exploitation Framework
swzhouu / bypass-clm
Forked from calebstewart/bypass-clmPowerShell Constrained Language Mode Bypass
swzhouu / GadgetToJScript
Forked from med0x2e/GadgetToJScriptA tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Tool to bypass LSA Protection (aka Protected Process Light)
swzhouu / DotNetToJScript
Forked from tyranid/DotNetToJScriptA tool to create a JScript file which loads a .NET v2 assembly from memory.
swzhouu / SharpShooter
Forked from mdsecactivebreach/SharpShooterPayload Generation Framework
swzhouu / Certipy
Forked from ly4k/CertipyTool for Active Directory Certificate Services enumeration and abuse
swzhouu / SyscallTables
Forked from hfiref0x/SyscallTablesWindows NT x64 Syscall tables
swzhouu / NtCall64
Forked from hfiref0x/NtCall64Windows NT x64 syscall fuzzer
swzhouu / donut
Forked from TheWover/donutGenerates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
swzhouu / RpcView
Forked from silverf0x/RpcViewRpcView is a free tool to explore and decompile Microsoft RPC interfaces
swzhouu / winafl
Forked from googleprojectzero/winaflA fork of AFL for fuzzing Windows binaries
swzhouu / oleviewdotnet
Forked from tyranid/oleviewdotnetA .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
swzhouu / birdnet-poc
Forked from inb1ts/birdnet-pocExperimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
swzhouu / noPac
Forked from Ridter/noPacExploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
swzhouu / PetitPotam
Forked from topotam/PetitPotamPoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
swzhouu / DavRelayUp
Forked from Dec0ne/DavRelayUpDavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).