Information Security
Starkiller Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. Multi-user GUI application for interfacing with the Empire C2 server from any computer. Starkiller represents a huge step forward...
pwncat Netcat on steroids with Firewall and IPS evasion, bind and reverse shell, local and remote port-forward. Motivation Ever accidentally hit Ctrl+c on your reverse shell and it was gone for good? Ever waited forever for...
ADCollector ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point....
AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim’s desktop without his consent, and even control it on...
PoshC2 PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users...
Mimikatz is an open-source gadget written in C, launched in April 2014. It is very powerful, support from the Windows system memory to extract clear text password, hash, PIN code, and Kerberos credentials, and...
WinPwn Automation for internal Windows Penetration Testing. 1) Automatic Proxy Detection 2) Elevated or unelevated Detection 3) Forensic Mode oder Pentest Mode a. Forensik -> Loki + PSRECON + Todo: Threathunting functions b. Pentest...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
EDR-Checker Invoke-EDRChecker will check running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive...
Enumdb is a brute force and post-exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By default,...
