5D Diplomacy With Multiverse Time Travel

An offensive data enrichment pipeline

Abusing Azure services over C2

Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"

Easily and securely send things from one computer to another 🐊 📦

A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk

Dumping DPAPI credz remotely

An App Domain Manager Injection DLL PoC on steroids

A repository of breaches of AWS customers

Saves Discord chat logs to a file

Convert Inkscape SVG drawings to KiCad PCB and footprint modules

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Models combat in a classic fantasy TTRPG (e.g., Original D&D).

Investigation about ACL abusing for Active Directory Certificate Services (AD CS)

POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln

Wordlists for creating statistically likely username lists for use in password attacks and security testing

Cobalt Strike Shellcode Generator

Collection of useful Canary tools

Azure Red Team tool for graphing Azure and Azure Active Directory objects

CVE-2019-1388 UAC提权 (nt authority\system)

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Collection of created MindMaps

✍️ A curated list of CVE PoCs.

For use in tabletop rpgs. Login: 8A73B5@trustno1 or admin@admin

This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Aggressor scripts for Cobalt Strike

A collection of curated Java Deserialization Exploits