Stars
Small and highly portable detection tests based on MITRE's ATT&CK.
Kerberoast with ACL abuse capabilities
Dominate Active Directory with PowerShell.
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
A small utility to translate NTDS.dit files to SQLite format.
Privilege Escalation Enumeration Script for Windows
An nmap parsing tool that helps identify all open ports and shows potential commands that can be used for the next step of a penetration test
PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
RunasCs - Csharp and open version of windows builtin runas.exe
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
A list of cyber-chef recipes and curated links
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
PowerShell framework to assess Azure security
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.
Azure Red Team tool for graphing Azure and Azure Active Directory objects
Various tips & tricks
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
Provision a brand-new company with proper defaults in Windows, Offic365, and Azure
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Pillage web accessible GIT, HG and BZR repositories