FUD-UUID-Shellcode Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness :). How it works Shellcode generation Firstly, generate a payload in binary format( using either...
monkey365 Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365 but also Azure subscriptions and Azure Active Directory security configuration reviews without the significant overhead...
Here you will find privilege escalation tools for Windows and Linux/Unix* (in some near future also for Mac). These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so...
emp3r0r Linux/Windows post-exploitation framework made by Linux user features beautiful terminal UI, use tmux for window management multi-tasking, you don’t need to wait for any commands to finish basic API provided through Unix socket...
Mondoo Mondoo is a natural language query system for scanning, deploying, and remediating your cloud-native applications. Feature Insights into your fleet Ask questions about your deployments and get answers. Simple questions are answered using...
Sliver Sliver is a Command and Control (C2) system made for penetration testers, red teams, and advanced persistent threats. It generates implants (slivers) that can run on virtually every architecture out there, and securely...
PrivescCheck – Privilege Escalation Enumeration Script for Windows This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information that might be useful for exploitation and/or post-exploitation. Features Current User Invoke-UserCheck...
kdigger kdigger, short for “Kubernetes digger”, is a context discovery tool for Kubernetes penetration testing. This tool is a compilation of various plugins called buckets to facilitate pentesting Kubernetes from inside a pod. Please...
Stratus Red team Stratus Red Team is “Atomic Red Team™” for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. Stratus Red Team is a lightweight Go binary you...
linux-smart-enumeration Linux enumeration tools for pentesting and CTFs This project was inspired by LinEnum and uses many of its tests. Unlike LinEnum, lse tries to gradually expose the information depending on its importance from a privesc...
