Evasion for Cobalt Strike

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.

Tools and blogs I use to perform GCP red teams

Python script that performs email address validation against Office 365 without submitting login attempts.

A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities

Enhance Your Active Directory Password Spraying with User Intelligence.

retrieve information via O365 and AzureAD with a valid cred

In-depth ldap enumeration utility

My PowerShell Stuff

Converts/manipulates/extracts data from a Nmap scan output.

A collection of Red Team focused tools, scripts, and notes

Tools for discovery and abuse of COM hijacks

PoC for proxying COM objects when hijacking

A tool for coercing and relaying Kerberos authentication over DCOM and RPC.

Collection of beacon BOF written to learn windows and cobaltstrike

Collection of beacon BOF written to learn windows and cobaltstrike

Autonomous Assumed Breach Penetration-Testing Active Directory Networks

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

Various Cobalt Strike BOFs

A BOF to automate common persistence tasks for red teamers

Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.

Collect Windows telemetry for Maldev

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

skype4b-lync-certificate-checker-tool

wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP