The SpecterOps project management and reporting engine

TrustedSec Sysinternals Sysmon Community Guide

SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.

Robust evasion attacks against neural network to find adversarial examples

LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113

A tool that is used to hunt vulnerabilities in x64 WDM drivers

PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.

This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultimate solution for Windows jump-oriented programming. JOP ROCK…

Dump processes over WMI with MSFT_MTProcess

Convert Packet Tracer files (.pkt/.pka) to XML and vice versa.

VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Gua…

UDP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell) without exposing any port and data Exfiltration using udp