trustedsec Goto Github PK

ptf

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

quicksql

QuickSQL is a simple MSSQL query tool that allows you to connect to MSSQL databases and does not require administrative level rights to use.

responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

ridenum

Rid_enum is a null session RID cycle attack for brute forcing domain controllers.

risingsun

RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.

scriptkiddie-wmi-provider

seeyoucm-thief

ships

The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support personnel as required, or updated when a password has to be manually changed in the course of system maintenance. By having unique passwords on each machine and logging of password retrievals, security can be improved my making networks more resistant to lateral movement by attackers and enhancing the ability to attribute actions to individual persons.

simplyemail

SimpleEmail is a email recon tool that is fast and easy framework to build on

sliverkeylogger

social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

spoonmap

spraywmi

SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on a system.

sysmoncommunityguide

TrustedSec Sysinternals Sysmon Community Guide

syswhispers

AV/EDR evasion via direct system calls.

tap

The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.

tcs_injectiontechniques

trevorc2

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

tscopy

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

user-behavior-mapping-tool

verifyelf

windows-ms-lsat-rpc-example

Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD

wpupdate

WPUpdate is a simple Linux service that automatically checks for a new version of Wordpress each night at 2AM.

zoinks

Manage Engine Decrypter