Category: Post Exploitation
KrbRelayUp: Simple wrapper around some of the features of Rubeus and KrbRelay (and a few other honorable mentions in the acknowledgments section) in order to streamline the abuse of the following attack primitive: (Optional) New machine account...
ImproHound: Identify the attack paths in BloodHound breaking your AD tiering. ImproHound is a dotnet standalone win x64 exe with GUI. To use ImproHound, you must run SharpHound to collect the necessary data from...
HackBrowserData: hack-browser-data is an open-source tool that could help you decrypt data [passwords|bookmarks|cookies|history] from the browser. It supports the most popular browsers on the market and runs on Windows, macOS, and Linux. Supported Browser Windows...
UACMe: Defeating Windows User Account Control by abusing the built-in Windows AutoElevate backdoor. System Requirements: x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client; some methods, however, work on server versions too). Admin account with UAC set on default...
LHF – Leaked Handles Finder: Leaked Windows process handles identification tool. Useful for identifying new LPE vulnerabilities during a pentest or simply as a new research process. Currently supports exploiting (autopwn) processes leaked handles...
pypykatz: Mimikatz implementation in pure Python. Why do I need these dump files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
casper-fs: Casper-fs is a custom Linux Kernel Module generator to work with resources to protect or hide a custom list of files. Each LKM has resources to protect or hide files following a custom...
OffensiveRust: My experiments in weaponizing Rust for implant development and general offensive operations. Why Rust? It is faster than languages like C/C++. It is a multi-purpose language, bearing excellent communities. It has an amazing inbuilt dependency...
dazzleUP: A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in Windows operating systems. dazzleUP detects the following vulnerabilities. Exploit Checks: The first feature of dazzleUP is that...
ScheduleRunner: A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations. The scheduled task is one of the most popular attack techniques in the past...