BloodyAD is an Active Directory Privilege Escalation Framework

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…

SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.

View markdown file tree in a fancy web interface.

A fast TCP/UDP tunnel over HTTP

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

GLPI vulnerabilities checking tool

FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.

game of active directory

Tool for Active Directory Certificate Services enumeration and abuse

Windows inside a Docker container.

A command and control framework written in rust.

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Dumping LSA secrets: a story about task decorrelation

Script collection for reconnaissance, post-exploitation & hunting on Windows networks

Offensive tool for Active Directory reconnaissance

Offensive tool for fileless lateral movement on Windows networks

Dump Azure AD Connect credentials for Azure AD and Active Directory

Extract credentials from lsass remotely

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

Platform that enables Windows driver development in Rust. Developed by Surface.

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.