AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.

PowerShell framework to assess Azure security

Official electron build of draw.io

This script runs several security checks and makes modifications (with your permission) to your Active Directory domain to improve it's security posture.

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

Android ReverseShell over HTTP

PowerShell SecretManagement module for DPAPI-NG

Python DPAPI NG Decryptor for non-Windows Platforms

A browser based visualization of domain trusts. Give it a csv, get a pretty diagram to play with!

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrat…

Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the white paper Certified Pre-Owned.

SMBeagle - Fileshare auditing tool.

FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.

Automation for internal Windows Penetrationtest / AD-Security

Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…