Category: Post Exploitation
Tokenizer Tokenizer is a kernel mode driver project that allows the replacement of a process token in EPROCESS with a system token, effectively elevating the privileges of the process. The driver is designed to...
KittyStager KittyStager is a stage 0 C2 comprising an API, client, and malware. The API is responsible for delivering basic tasks and shellcodes to be injected into memory by the malware. The client also...
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
emp3r0r Linux/Windows post-exploitation framework made by Linux user features beautiful terminal UI, use tmux for window management multi-tasking, you don’t need to wait for any commands to finish basic API provided through Unix socket...
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
QRExfiltrate This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The data can then be reassembled visually allowing the exfiltration of data in air-gapped...
PrivescCheck – Privilege Escalation Enumeration Script for Windows This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information that might be useful for exploitation and/or post-exploitation. Features Current User Invoke-UserCheck...
EC2StepShell EC2StepShell is an AWS post-exploitation tool for getting high privileges to reverse shells in public or private EC2 instances. It works by sending commands to EC2 instances using ssm:SendCommand and then retrieves the...
bloodyAD BloodyAD is an Active Directory Privilege Escalation Framework. This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privesc. It supports authentication using cleartext passwords, pass-the-hash, pass-the-ticket,...
RedGuard – Excellent C2 Front Flow Control tool RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language...