Disable Windows Defender: UAC Bypass + Upgrade to SYSTEM
Disable Windows Defender Privilege tokens are permissions given by the system to a process. For example, if a process has a “SeShutdownPrivilege” token, then it has the right to turn...
Category: Penetration Testing
HardeningMeter: The Python Tool for Thorough Security Hardening Evaluation
Hardening Meter HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust capabilities include thorough checks of various binary exploitation...
Honeyscanner – A vulnerability analyzer for Honeypots
Honeyscanner – A vulnerability analyzer for Honeypots Honeyscanner is a vulnerability analyzer for honeypots designed to automatically attack a given honeypot, in order to determine if the honeypot is vulnerable...
cnappgoat: modularly provision vulnerable-by-design components in cloud environments
CNAPPgoat CNAPPgoat is a multi-cloud, vulnerable-by-design environment deployment tool – specifically engineered to facilitate practice arenas for defenders and pentesters. Its main function is to deploy intentionally vulnerable environments across...
JS-Tap: generic JavaScript payload and supporting software to help red teamers attack webapps
JS-Tap JS-Tap is a generic JavaScript payload and supporting software to help red teamers attack webapps. The JS-Tap payload can be used as an XSS payload or as a post-exploitation...
USB Under Siege: The STEADY#URSA Attack Campaign of SUBTLE-PAWS on Ukrainian Military
A new, sophisticated attack campaign, dubbed STEADY#URSA, has emerged, casting a long shadow over the cybersecurity defenses of Ukraine’s military. Orchestrated by the enigmatic group known as Shuckworm, this campaign...
Bypassing Microsoft Login Pages: Frameless BITB’s Innovative Approach
Frameless BITB A new approach to Browser In The Browser (BITB) without the use of iframes, allows the bypass of traditional framebusters implemented by login pages like Microsoft. This POC...
SOAPHound: enumerate Active Directory environments via ADWS protocol
SOAPHound SOAPHound is a .NET data collector tool, which collects Active Directory data via the Active Directory Web Services (ADWS) protocol. SOAPHound is an alternative to several open-source security tools...
pecoret: A Pentest Collaboration and Reporting Tool
PeCoReT PeCoReT (Pentest Collaboration and Reporting Tool) is an open-source application to manage your pentest projects. PeCoReT allows pentesters to focus on testing instead of writing the report. It can...
ADOKit: Azure DevOps Services Attack Toolkit
ADOKit Azure DevOps Services Attack Toolkit – ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool...
Cookie-Monster: BOF to steal browser cookies & credentials
Cookie-Monster Steal browser cookies for Edge, Chrome, and Firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the...
LEAKEY: checks and validates for leaked credentials
LEAKEY LEAKEY is a tool for validation of leaked API tokens/keys found during pentesting and Red Team Engagements. The script is really useful for Bug Hunters in order to validate...
LOLSpoof: An interactive shell to spoof some LOLBins command line
LOLSpoof LOLSpoof is an interactive shell program that automatically spoofs the command line arguments of the spawned process. Just call your incriminate-looking command line LOLBin (e.g. powershell -w hidden -enc...
ioctlance: detect various vulnerability types in Windows Driver Model (WDM) drivers
IOCTLance Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool that enhances its capacity to detect various vulnerability...
DockerExploit: Docker Remote API Scanner and Exploit
Docker Remote API Scanner and Exploit This repository contains a Docker Remote API Scanner and Exploit tool designed for educational and research purposes. It enables users to perform security assessments...
