⚡ A Fast, Extensible Progress Bar for Python and CLI

Tool for Active Directory Certificate Services enumeration and abuse

Defeating Windows User Account Control

getsystem via parent process using ps1 & embeded c#

Windows Exploit Suggester - Next Generation

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

JAWS - Just Another Windows (Enum) Script

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Scripts to help with different ffuf tasks and workflows

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Timeroasting scripts by Tom Tervoort

This is a collection of some of mine mindmaps abount pentesting created with Obsidian.

Tool to automate code execution on the server running Gogs git service.

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

Statically-linked ssh server with reverse shell functionality for CTFs and such

Compiled Binaries for Ghostpack

Extract hashes from the MongoDB database server to a hash format that hashcat accepts: -m 24100 (SCRAM-SHA-1) or -m 24200 (SCRAM-SHA-256)

Password list generator for password spraying - prebaked with goodies

A better way to install Nerd Fonts

Various *nix tools built as statically-linked binaries

Portable python binaries

Find broken links, missing images, etc within your HTML.

Burp Suite Certified Practitioner Exam Study

A list of public penetration test reports published by several consulting firms and academic security groups.

basic tmux settings everyone can agree on

Easy logging and screen capturing for Tmux.