Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

BloodyAD is an Active Directory Privilege Escalation Framework

PowerSploit - A PowerShell Post-Exploitation Framework

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

A Go implementation of Cobalt Strike style BOF/COFF loaders.

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain

Impacket is a collection of Python classes for working with network protocols.

AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.

Dark Web OSINT Tool

OnionScan is a free and open source tool for investigating the Dark Web.

🧭 A fast, clean, customisable shell prompt for zsh, bash, fish, and more...

This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…

Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.

Use a Fake image.jpg to exploit targets (hide known file extensions)

Open Breach and Attack Simulation Platform

A fast TCP/UDP tunnel over HTTP

smbclient-ng, a fast and user friendly way to interact with SMB shares.

The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)

not a reverse-engineered version of the Cobalt Strike Beacon

Dump cookies and credentials directly from Chrome/Edge process memory

Identifies the bytes that Microsoft Defender flags on.

🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…

A resource containing all the tools each ransomware gangs uses

Cisco Orbital - Osquery queries by Talos

Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities