Declarative penetration testing orchestration framework

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

A default credential scanner.

Covenant is a collaborative .NET C2 framework for red teamers.

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.

A C# implementation of PrivExchange by @_dirkjan.

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

The Markdown-based note-taking app that doesn't suck.

Active Directory ACL exploitation with BloodHound

linikatz is a tool to attack AD on UNIX

Keylogger written in C#

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

PowerShell rebuilt in C# for Red Teaming purposes

An #OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.

Your Social Engineering Sidekick

A Linux version of the ProcDump Sysinternals tool

Trying to tame the three-headed dog.

SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it i…

A Python based ingestor for BloodHound

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.

A C# DLL to Dump LSA Secrets

SharpSploit is a .NET post-exploitation library written in C#

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

C# implementation of harmj0y's PowerView

A collection of links related to Linux kernel security and exploitation

A series of tutorials about radare2 framework from https://www.megabeets.net

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.