antonybwana's Projects
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
The script allows to bypass SSL pinning on Android >= 7 and makes APK file ready for HTTPS traffic inspection
Config files for my GitHub profile.
Awesome collection of resources š
A collection of hacking / penetration testing resources to make you better!
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Python / scapy module implementing SRVLOC/SLP protocol and scans for enabled OpenSLP services.
POC for CVE-2021-21974 VMWare ESXi RCE Exploit
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
Detect Tactics, Techniques & Combat Threats
iOS Frida Scripts
Internal Network Penetration Test Playbook
IOXIDResolver.py from AirBus Security
Shell script for testing the IPMI cipher type zero authentication bypass vulnerability (CVE-2013-4784)
:godmode: Ultimate list of Linux bash commands, cheatsheet and resources
linWinPwn is a bash script that automates a number of Active Directory Enumeration and and Vulnerability checks
A small tool built to detect and fix common misconfigurations in Active Directory Certificate Services.
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
PoC exploits I wrote. They're as is and I will not offer support
NAT Pinning test suite tool for penetration testers.
Planning for the Christmas heist
articles
PoC or Exp Of Vulnerability
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts