lazagne

Credentials recovery project

ldap_shell

AD ACL abuse

ldaprelayscan

Check for LDAP protections regarding the relay of NTLM authentication

ldapsigncheck

Beacon Object File & C# project to check LDAP signing

leak-client

lethalhta

Lateral Movement technique using DCOM and HTA

libssh-scanner

Script to identify hosts vulnerable to CVE-2018-10933

linkedin-clone

list-rdp-connections-history

Use powershell to list the RDP Connections History of logged-in users or all users

lmg

Script for automating Linux memory capture and analysis

lockless

Lockless allows for the copying of locked files.

log4j-exploit-example

Don't use this maliciously, this is for testing

log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4shell-rex

PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs

lrs-pager-systems-bruteforce

Long Range Pager Systems pagers and coasters URH and YS1 (yardstick one / cc11xx) information and brute force tool

lsass-shtinkering

macro_pack

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

macrome

Excel Macro Document Reader/Writer for Red Teamers & Analysts

mailsniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

maldoc-embedded-exe-bin-

This is a technique one can use for their MalDoc.

maliciousclickoncemsbuild

Basic C# Project that will take an MSBuild payload and run it with MSBuild via ClickOnce.

maliciousmacromsbuild

Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.

malleable-c2-profiles

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

malsccm

mangle

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

mapcidr

Small utility program to perform multiple operations for a given subnet/CIDR ranges.

masky

Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory

memprocfshunter

A powershell parser for https://github.com/ufrisk/MemProcFS

mfasweep

A tool for checking if MFA is enabled on multiple Microsoft Services

midnighttrain

Covert Stage-3 Persistence Framework