Best practices for segmentation of the corporate network of any company

Your template-based BloodHound terminal companion tool

PoC to coerce authentication from Windows hosts using MS-WSP

Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

PowerShell Active Directory helper functions to manage healthy Active Directory

RunasCs - Csharp and open version of windows builtin runas.exe

StandIn is a small .NET35/45 AD post-exploitation toolkit

Red Team K8S Adversary Emulation Based on kubectl

Loads any C# binary in mem, patching AMSI + ETW.

一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo

This challenge is Inon Shkedy's 31 days API Security Tips.

Ultimate File Transfer List

Windows 权限提升 BadPotato

An Encrypted HTTP Proxy (ALPHA)

Network Analysis Tool

A tool to make socks connections through HTTP agents

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

A Powershell module that helps you identify AppLocker weaknesses

Simple (relatively) things allowing you to dig a bit deeper than usual.

📖 Kubernetes CheatSheets In A4

Create a TCP circuit through validly formed HTTP requests

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

渗透测试常规操作记录

pwning IPv4 via IPv6

Lab Material for the Two-Day Defending Modern DevOps Environments Course

Apache Tomcat + MongoDB Remote Code Execution