LinEnum – Scripted Local Linux Enumeration & Privilege Escalation Checks For more information visit www.rebootuser.com Note: Export functionality is currently in the experimental stage. High-level summary of…
View More LinEnum v0.95 released: Local Linux Enumeration & Privilege Escalation Checks
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory…
View More BloodHound v2.0.5 released: Active Directory Toolkit
WinPwn Automation for internal Windows Penetration Testing. 1) Automatic Proxy Detection 2) Elevated or unelevated Detection 3) Forensic Mode oder Pentest Mode a. Forensik ->…
View More WinPwn: Automation for internal Windows Penetration Testing
BloodHound.py BloodHound.py is a Python-based ingestor for BloodHound, based on Impacket. This version of BloodHound is only compatible with BloodHound 2.0 or newer. Limitations BloodHound.py currently has the…
View More BloodHound.py v0.6.1 releases: A Python based ingestor for BloodHound
DSInternals PowerShell Module and Framework The DSInternals project consists of these two parts: The DSInternals Framework exposes several internal features of Active Directory and can be used…
View More DSInternals PowerShell Module and Framework v3.2.1 Releases
Exchange-AD-Privesc This repository provides a few techniques and scripts regarding the impact of Microsoft Exchange deployment on Active Directory security. This is a side project…
View More Exchange-AD-Privesc: Exchange privilege escalations to Active Directory
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. An introductory blog post can be found here. Evade network…
View More Merlin v0.6.4 release: cross-platform post-exploitation HTTP/2 Command & Control server and agent
Objective This tool can help pentesters to quickly dump all credz from known location, such as .bash_history, config files, wordpress credentials, and so on… This…
View More gimmecredz: quickly dump all credz
NoPowerShell NoPowerShell is a tool implemented in C# which supports executing PowerShell-like commands while remaining invisible to any PowerShell logging mechanisms. This .NET Framework 2…
View More nopowershell v1.2 releases: PowerShell rebuilt in C# for Red Teaming purposes
Vibe Vibe is a tool designed to perform post-ex lateral movement techniques while remaining undetected by network detection tools including Threat Hunting appliances. It works…
View More Vibe: A framework for stealthy domain reconnaissance