The pentester's Swiss knife

MagicDot rootkit

MagicDot: Exploiting Windows Paths for Rootkit Power

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the known DOT-to-NT path conversion issue. The MagicDot Python package implements MagicDot’s rootkit-like techniques: files/directories named with dots only. Bonus – Such...

dump lsass process

NativeDump: dump the lsass process

NativeDump dumps the lsass process using only NTAPIs, generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList, and Memory64List streams)....

CT Log Scanner

gungnir: Certificate Transparency (CT) Log Scanner

Gungnir is a command-line tool written in Go that continuously monitors certificate transparency (CT) logs for newly issued SSL/TLS certificates. Its primary purpose is to aid security researchers and penetration testers in discovering...