mpgn Follow 
Stars
We write your reusable computer vision tools. 💜
SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.
Dump the memory of any PPL with a Userland exploit chain
Powerful RSA cracker for CTFs. Supports RSA, X509, OPENSSH, PKCS#12, PKCS#7, and CSR in PEM and DER formats.
You didn't think I'd go and leave the blue team out, right?
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
A small POC to make defender useless by removing its token privileges and lowering the token integrity
A unique technique to execute binaries from a password protected zip
Dump Azure AD Connect credentials for Azure AD and Active Directory
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Kerberos relaying and unconstrained delegation abuse toolkit
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Rich is a Python library for rich text and beautiful formatting in the terminal.
Automation for internal Windows Penetrationtest / AD-Security
Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Advanced scanner for CVE-2020-0796 - SMBv3 RCE
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Abusing impersonation privileges through the "Printer Bug"
RunasCs - Csharp and open version of windows builtin runas.exe
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
Identifies the bytes that Microsoft Defender flags on.