Puma Security Serverless Prey Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying...
RustPotato is a Rust-based implementation of GodPotato, a privilege escalation tool that abuses DCOM and RPC to leverage SeImpersonatePrivilege and gain NT AUTHORITY\SYSTEM privileges on Windows systems. Key Features TCP-based Reverse Shell: RustPotato features a TCP-based reverse shell based on Rustic64Shell. It leverages Winsock APIs...
NTLM Relay Gat NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py, NTLM Relay Gat streamlines...
ACEshark ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries. Why? Efficiently identify and analyze service...
SharpADWS SharpADWS is an Active Directory reconnaissance and exploitation tool for Red Teams that collects and modifies Active Directory data via the Active Directory Web Services (ADWS) protocol. Typically, enumeration or manipulation of Active...
Vermilion Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration of sensitive information from Linux systems. Its primary purpose is to streamline the process of gathering critical data...
Protect Loader Protect Loader is a shellcode loader written in pure golang designed to provide various security and evasion techniques for Go applications. It includes features such as shellcode loading, obfuscation, the use of...
HellBunny The purpose of this research project was to develop a comprehensive understanding of the architecture and internals of the Windows operating system, including the Native API, the Process and Thread Environment Block, and...
GraphStrike GraphStrike is a suite of tools that enables Cobalt Strike’s HTTPS Beacon to use Microsoft Graph API for C2 communications. All Beacon traffic will be transmitted via two files created in the attacker’s SharePoint site,...
NucleiFuzzer = Nuclei + Paramspider NucleiFuzzer is an advanced automation tool designed to streamline and optimize web application security testing by integrating a suite of powerful URL discovery and vulnerability scanning tools. It combines...
KrbRelayEx-RPC Kerberos Relay and Forwarder for (Fake) RPC/DCOM MiTM Server KrbRelayEx-RPC is a tool similar to my KrbRelayEx designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets. This version implements a fake RPC/DCOM server:...
psudohash Psudohash is a password list generator for orchestrating brute force attacks and cracking hashes. It imitates certain password creation patterns commonly used by humans, like substituting a word’s letters with symbols or numbers...
SMShell PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband-capable computers. This tool came as an inspiration during research on eSIM security implications led by Markus Vervier, presented...
goLAPS Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS. This project was just a personal excuse to learn Golang. Capabilities It can get all LAPS passwords from a domain controler using...
GPOddity The GPOddity project aims at automating GPO attack vectors through NTLM relaying (and more). For more details regarding the attack and a demonstration of how to use the tool, see the associated article...
DavRelayUp A quick and dirty port of KrbRelayUp with modifications to allow for NTLM relay from webdav to LDAP in order to streamline the abuse of the following attack primitive: (Optional) New machine account creation (New-MachineAccount)...
