A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Table of AD and Azure assets and whether they belong to Tier Zero

Send phishing messages and attachments to Microsoft Teams users

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Documents Exfiltration project for fun and educational purposes

Use ESC1 to perform a makeshift DCSync and dump hashes

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

Bounces when a fish bites - Evilginx database monitoring with exfiltration automation

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

Amplify network visibility from multiple POV of other hosts

A User Impersonation tool - via Token or Shellcode injection

A tool to elevate privilege with Windows Tokens

Intune Device Details GUI HTML v4.2 (New Updated!)

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Steal/Inject Chrome cookies over the DevTools (--remote-debugging-port) protocol.

Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies

A tool for quickly evaluating IAM permissions in AWS.

A tool for quickly evaluating IAM permissions in AWS.

Automation for internal Windows Penetrationtest / AD-Security

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers