An offensive data enrichment pipeline

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Dump ntds.dit really fast

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Rockyou for web fuzzing

WiFi keylogger with Micro SD slot, based on the Atmega32U4 microcontroller and the ESP32-PICO module

Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.

BadUSB cable based on Attiny85 microcontroller with data line enabled.

Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat…

Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.

A python script to dump all the challenges locally of a CTFd-based Capture the Flag.

Maximizing BloodHound. Max is a good boy.

Just another Powerview alternative

DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replication-Get-Changes-In-Filtered-Set.

Roast in the Middle

D2 is a modern diagram scripting language that turns text to diagrams.

Active Directory ACL exploitation with BloodHound

In-depth ldap enumeration utility

Kraken, a modular multi-language webshell coded by @secu_x11

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.

The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!

Assess the security of your Active Directory with few or all privileges.

This is a command line tool I use when I want to get notified, on Telegram (on my phone), that something has finished running (on my laptop).

Simple CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems

Python script for extracting and decrypting Group Policy Preferences passwords