game of active directory
Updated Mar 12, 2026 - PowerShell
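K8 tool collection (intranet penetration / privilege escalation tools / remote overflow / vulnerability exploitation / scanning tools / password cracking / AV-evasion tools / Exploit/APT/0day/Shellcode/Payload/privilege/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)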
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Collection of reverse shells for red team operations.
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
cobaltstrike ms17-010 module and some other
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Parses Snaffler output file and generates beautified outputs.
The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)
A proof of concept crypto virus to spread user awareness about attacks and implications of ransomware. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data hostage for payments or permanently encrypts/deletes the organisation data.
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts that are expired, disabled, locked out, or within 1 lockout attempt.
"Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' lab from pentesteracademy.
Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.
A cheatsheet of tools and commands that I use to pentest Active Directory.
A sophisticated PowerShell script that stealthily injects Base64-encoded shellcode into the target process, featuring anti-debugging techniques to evade detection.
This script dynamically decodes and executes a Base64 encoded Mimikatz script, allowing users to bypass security measures and run specified Mimikatz commands.
Misc resources for my daily pentesting...