0xsv1 Goto Github PK

aad-sso-enum-brute-spray

POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln

adcspwn

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

aes-powershellcode

Standalone version of my AES Powershell payload for Cobalt Strike.

aggressor-vysec

aggressorscripts

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

appproxyc2

appx_blog

apt06202001

Applied Purple Teaming - Infrastructure, Threat Optics, and Continious Improvement - June 6, 2020

awesome-burp-extensions

A curated list of amazingly awesome Burp Extensions

azure-app-tools

Collection of tools to use with Azure Applications

azurec2relay

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.

badassmacros

BadAssMacros - C# based automated Malicous Macro Generator.

bettersafetykatz

BetterSafetyKatz

betterxencrypt

A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.

blackbird

Subdomain Enumeration and Scanner

bloodhound-custom-queries

Custom Query list for the Bloodhound GUI based off my cheatsheet

bloodhound-playbook

Reproducible and extensible BloodHound playbooks

bloodhound-quickwin

Simple script to extract useful informations from the combo BloodHound + Neo4j

bloodhoundqueries

bloodyad

BloodyAD is an Active Directory Privilege Escalation Framework

bof-networkserviceescalate

Abuses the Shared Logon Session ID Issue (Described [here](https://www.tiraniddo.dev/2020/04/sharing-logon-session-little-too-much.html) by the awesome James Forshaw) To Achieve System From NetworkService. Can be used as a "getsystem" as well

bofs

Collection of Beacon Object Files

breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

build_a_phish

Ansible playbook to deploy a phishing engagement

c-sharp-memory-injection

A set of scripts that demonstrate how to perform memory injection in C#

c2-terraform

C2 deployment with Terraform

caddystager

carboncopy

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

chameleon

Chameleon: A tool for evading Proxy categorisation

chimera

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.