AzureRT - A Powershell module implementing various Azure Red Team tactics

Modular Enumeration and Password Spraying Framework

Username enumeration and password spraying tool aimed at Microsoft O365.

Dumping DPAPI credz remotely

Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)

Also known by Microsoft as Knifecoat 🌶️

Various Cobalt Strike BOFs

Situational Awareness commands implemented using Beacon Object Files

Useful C2 techniques and cheat sheets learned from engagements

Chromium Cookie import / export tool

AADInternals PowerShell module for administering Azure AD and Office 365

Azure Red Team tool for graphing Azure and Azure Active Directory objects

PowerShell framework to assess Azure security

Subdomain finder

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

A .NET Runtime for Cobalt Strike's Beacon Object Files

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

Impersonating authentication over HTTP and/or named pipes.

Collection of Offensive C# Tooling

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

RunasCs - Csharp and open version of windows builtin runas.exe

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Parse your LastPass vault and export to CSV files

C# implementation of harmj0y's PowerView

Trying to tame the three-headed dog.

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Windows and Cygwin port of proxychains, based on MinHook and DLL Injection

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction