Vagrant VirtualBox environment for conducting an internal network penetration test

Flamingo captures credentials sprayed across the network by various IT and security products.

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py

.NET 4.0 WinRM API Command Execution

Blog posts

Secure multithreaded packet sniffer

A set of Python scripts for finding threats in Office365

List of Awesome CobaltStrike Resources

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

Network Analysis Tool

An open source SPI flash emulator and monitor

Powershell script that decrypts the data stored within a Thycotic Secret Server

Password spraying using AWS Lambda for IP rotation

Maximizing BloodHound. Max is a good boy.

PCAP Samples for Different Post Exploitation Techniques

Simple (relatively) things allowing you to dig a bit deeper than usual.

Exploits for various CVEs

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Binary Protocol Differ

A collection of all the data i could extract from 1 billion leaked credentials from internet.

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web application…

A tool to help query AD via the LDAP protocol

Really stupid re-implementation of invoke-wmiexec

Dump ntds.dit really fast

A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.

Resources About Persistence, Multiple Platforms. Including ~80 Tools and 300+ Posts.

The Hunt for Malicious Strings

Credentials gathering tool automating remote procdump and parse of lsass process.

Tools & Interesting Things for RedTeam Ops