S3cur3Th1sSh1t!
10+ years penetration testing
Scripting in my spare time, pwning ⚡ at work!




Personal blog:
If you want to support my work and/or make regular use of my toolings :heart::
Mastodon
NimSyscallPacker ★ PINNED
No description.
Nim ★ 193 22d ago
Caro-Kann ★ PINNED
Encrypted shellcode Injection to avoid Kernel triggered memory scans
C ★ 426 2y ago
Ruy-Lopez ★ PINNED
No description.
C ★ 322 3y ago
WinPwn ★ PINNED
Automation for internal Windows Penetration Test / AD-Security
PowerShell ★ 3.7k 10mo ago
SharpImpersonation ★ PINNED
A User Impersonation tool - via Token or Shellcode injection
C# ★ 422 4y ago
SharpNamedPipePTH ★ PINNED
Pass the Hash to a named pipe for token Impersonation
C# ★ 310 2y ago
Pentest-Tools
No description.
★ 2.4k 2y ago
Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods I found on different Blog Posts.
★ 2.2k 1y ago
PowerSharpPack
No description.
PowerShell ★ 1.7k 1y ago
OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
VBA ★ 1.3k 4y ago
Creds
Some useful Scripts and Executables for Pentest & Forensics
PowerShell ★ 1.2k 10d ago
MultiPotato
No description.
C++ ★ 535 4y ago
Invoke-SharpLoader
No description.
PowerShell ★ 362 5y ago
Nim-RunPE
A Nim implementation of reflective PE-Loading from memory
Nim ★ 296 1y ago
NimGetSyscallStub
Get fresh Syscalls from a fresh ntdll.dll copy
Nim ★ 233 4y ago
SharpVeeamDecryptor
Decrypt Veeam database passwords
C# ★ 225 6mo ago
NamedPipePTH
Pass the Hash to a named pipe for token Impersonation
PowerShell ★ 145 5y ago
SyscallAmsiScanBufferBypass
AmsiScanBufferBypass using D/Invoke
C# ★ 136 5y ago
Excel-Phish
Phish password protected Excel-Files
VBA ★ 108 2y ago
Nim_DInvoke
D/Invoke implementation in Nim
Nim ★ 101 4y ago
AI-Coded-scripts
This repo contains useful scripts that AI created for me which I would have been too lazy for
Python ★ 100 3d ago
Sharp-HackBrowserData ▣
C# binary with embedded golang hack-browser-data
C# ★ 100 4y ago
Get-System-Techniques
No description.
PowerShell ★ 98 4y ago
RDPThiefInject
RDPThief donut shellcode inject into mstsc
C# ★ 88 5y ago
NimShellcodeFluctuation
ShellcodeFluctuation PoC ported to Nim
Nim ★ 77 3y ago
My-starred-Repositories
This is my starred repositories including the description for each tool. Makes search/filter over them easier.
★ 68 1y ago
Nim_CBT_Shellcode
CallBack-Techniques for Shellcode execution ported to Nim
Nim ★ 61 5y ago
Invoke-Sharpcradle
Load C# Code straight to memory
PowerShell ★ 56 6y ago
SharpOxidResolver
IOXIDResolver from AirBus Security/PingCastle
C# ★ 52 5y ago
BitwardenDecryptBrute
Wordlist attacks on Bitwarden data.json files
Python ★ 48 4y ago
LDAP-Signing-Scanner ▣
A little scanner to check the LDAP Signing state
★ 46 4y ago
SharpPolarBear ▣
Privesc through import of Scheduled tasks + Hardlinks - CVE-2019-1069
C# ★ 37 7y ago
S3cur3Th1sSh1t
No description.
★ 33 1mo ago
SharpByeBear ▣
AppXSVC Service race condition - privilege escalation
C# ★ 29 7y ago
SharpUnhooker ⑂
C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)
C# ★ 24 3y ago
Kassandra
Reversed cassandra source code for educational purposes
C ★ 23 22h ago
nim-strenc
string encryption in Nim
Nim ★ 19 2y ago
MailSniper ⑂
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
PowerShell ★ 19 4y ago
xencrypt ⑂
A PowerShell script anti-virus evasion tool
PowerShell ★ 18 5y ago
SharpLigolo ▣
C# wrapper for ligolo
C# ★ 17 4y ago
TeamViewerDecrypt
No description.
PowerShell ★ 17 6y ago
OffensiveNim ⑂
My experiments in weaponizing Nim (https://nim-lang.org/)
Nim ★ 16 3y ago
Grouper ⑂
A PowerShell script for helping to find vulnerable settings in AD Group Policy.
PowerShell ★ 16 7y ago
the-book-of-secret-knowledge ⑂
A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
★ 15 7y ago
awesome-pentest ⑂
A collection of awesome penetration testing resources, tools and other shiny things
★ 14 6y ago
EmpEISDecrypt
Decrypt Matrix42 Empirum /EIS Passwords
C# ★ 14 5y ago
DomainPasswordSpray ⑂
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
★ 14 4y ago
AMSITrigger ⑂
The Hunt for Malicious Strings
C# ★ 13 4y ago
Invoke-WMI-Information
Straight forward script for WMI information gathering (local or remote)
★ 13 7y ago
SharpRDP ⑂
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
C# ★ 12 5y ago
ssdp-poisoning
No description.
Python ★ 11 7y ago
PowerShellArmoury ⑂
A PowerShell Armoury for Penetration Testers or other random security guys
PowerShell ★ 11 6y ago
NimWinstaEveryoneAccess
No description.
Nim ★ 10 4y ago
TorBot ⑂
Dark Web OSINT Tool
Python ★ 10 7y ago
PrivescCheck ⑂
Privilege Escalation Enumeration Script for Windows
PowerShell ★ 10 5y ago
AMSI.fail ⑂
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
C# ★ 9 1y ago
darkamour_clone ▣
No description.
Objective-C ★ 9 6y ago
WinFor
Powershell script to execute different forensic Powershell functions / tools on a compromised host
PowerShell ★ 9 7y ago
MimiMisc
No description.
C ★ 9 5y ago
Internal-Monologue ⑂
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
C# ★ 9 3y ago
mimikittenz ⑂
A post-exploitation powershell tool for extracting juicy info from memory.
PowerShell ★ 9 6y ago
kb ⑂
Repository of all my notes on infosec I have been building up over the years
★ 9 9y ago
AD-Attack-Defense ⑂
Active Directory Security For Red & Blue Team
★ 9 7y ago
BYOVD_read_write_primitive ⑂
Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
★ 8 10mo ago
Privesc ⑂
Windows batch script that finds misconfiguration issues which can lead to privilege escalation.
★ 8 6y ago
mRemoteNG-Decrypt ⑂
Python script to decrypt passwords stored by mRemoteNG
Python ★ 8 4y ago
CheckPlease ⑂
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
Go ★ 8 5y ago
p0wnedShell ⑂
PowerShell Runspace Post Exploitation Toolkit
C# ★ 8 7y ago
Shellcode-Hide ⑂
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
★ 7 3y ago
metasploit-framework ⑂
Metasploit Framework
★ 7 5y ago
AutoRDPwn ⑂
The Shadow Attack Framework
PowerShell ★ 7 7y ago
mitmAP ⑂
📡 A python program to create a fake AP and sniff data.
Python ★ 7 8y ago
awesome-windows-domain-hardening ⑂
A curated list of awesome Security Hardening techniques for Windows.
★ 7 9y ago
PSAmsi ⑂
PSAmsi is a tool for auditing and defeating AMSI signatures.
★ 7 8y ago
PayloadsAllTheThings ⑂
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Python ★ 7 7y ago
Find-VulnerableSoftware ⑂
Get a list of installed software in a safe manner
PowerShell ★ 7 9y ago
Cheatsheets ⑂
Penetration Testing/Security Cheatsheets
★ 7 9y ago
SSJI---JSGen
Just a copy from here: https://gitlab.com/0x4ndr3/blog/blob/master/JSgen/JSgen.py
Python ★ 6 7y ago
Koppeling ⑂
Adaptive DLL hijacking / dynamic export forwarding
★ 6 6y ago
SimpleSourceProtector ⑂
Simple C# source code obfuscator
★ 6 5y ago
DInvoke ⑂
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
C# ★ 6 4y ago
SpoolerScanner ⑂
Check if MS-RPRN is remotely available with powershell/c#
PowerShell ★ 6 7y ago
KrbRelay ⑂
Framework for Kerberos relaying
C# ★ 6 1y ago
Invoke-PrintDemon ⑂
This is a bind shell PoC using PrintDemon.
PowerShell ★ 6 5y ago
Awesome-Profile-README-templates ⑂
A collection of awesome readme templates to display on your profile
★ 6 5y ago
NimWinAPICustom ⑂
Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim
Nim ★ 6 4y ago
denim ⑂
Automated compiler obfuscation for nim
Go ★ 5 3y ago
KrbRelayUp ⑂
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
C# ★ 5 4y ago
Carbuncle ⑂
Tool for interacting with outlook interop during red team engagements
C# ★ 5 3y ago
Bitmancer ⑂
Nim Library for Offensive Security Development
Nim ★ 5 3y ago
UsoDllLoader ⑂
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
C++ ★ 5 6y ago
impacket ⑂
Impacket is a collection of Python classes for working with network protocols.
★ 5 3y ago
Snaffler ⑂
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
★ 5 6y ago
SharpShooter ⑂
Payload Generation Framework
Visual Basic ★ 5 7y ago
blackeye ⑂
The most complete Phishing Tool, with 32 templates +1 customizable
HTML ★ 5 7y ago
Stuxnet ⑂
WMI virus, because funny
★ 4 1y ago
JS-Tap ⑂
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
★ 4 3mo ago
BlockEtw ⑂
.Net Assembly to block ETW telemetry in current process
★ 4 6y ago
COMThanasia ⑂
A set of programs for analyzing common vulnerabilities in COM
★ 4 1y ago
MSBuildShell ⑂
MSBuildShell, a Powershell Host running within MSBuild.exe
★ 4 7y ago
Hosts-File---AD-Tracking-Blocker
Hosts File for Blocking Advertising & Tracking Domains
★ 4 7y ago
relayer ⑂
SMB Relay Attack Script
Shell ★ 4 7y ago
BadPotato ⑂
Windows privilege escalation BadPotato
C# ★ 4 3y ago
SecLists ⑂
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
PHP ★ 4 9y ago
MITMf ⑂
Framework for Man-In-The-Middle attacks
Python ★ 4 9y ago
Empire ⑂
Empire 3.0 is a PowerShell and Python 3.x post-exploitation framework.
PowerShell ★ 4 6y ago
metasploit-db_automate ⑂
A pentest scanning task automation project using custom resource files and Metasploit's internal services database.
Python ★ 4 7y ago
markdown-cheatsheet ⑂
Markdown Cheatsheet for Github Readme.md
★ 4 7y ago
audit_scripts ⑂
Scripts to gather system configuration information for offline/remote auditing
Batchfile ★ 4 8y ago
Penetration-Testing-Tools ⑂
Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
Python ★ 4 7y ago
Volumiser ⑂
No description.
★ 3 1mo ago
gui-pwn ⑂
GUI-based UAC bypass
C ★ 3 1y ago
Postfix-Server-Setup ⑂
No description.
Shell ★ 3 6y ago
MS17-010 ⑂
MS17-010
Python ★ 3 6y ago
PowerSploit ⑂
PowerSploit - A PowerShell Post-Exploitation Framework
PowerShell ★ 3 9y ago
Inveigh ⑂
Inveigh is a Windows PowerShell LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
PowerShell ★ 3 7y ago
Cobaltstrike-Aggressor-Scripts-Collection ⑂
Collection of tested Cobaltstrike aggressor scripts.
★ 3 6y ago
SharpUp ⑂
SharpUp is a C# port of various PowerUp functionality.
C# ★ 3 6y ago
multiplayer_snake
A mix of Snake and "Achtung die Kurve" with multiplayer mode
Python ★ 2 4mo ago
PPL-0day ⑂
Demoting PPL anti-malware services to less than a guest user
★ 2 1y ago
cs2br-bof ⑂
No description.
★ 2 1y ago
ACLight ⑂
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
PowerShell ★ 2 8y ago
Yuki-Chan-The-Auto-Pentest ⑂
Automate Pentest Tool
Python ★ 2 8y ago
HT-WPS-Breaker ⑂
HT-WPS Breaker (High Touch WPS Breaker)
Shell ★ 2 7y ago
SharpLocker ⑂
No description.
C# ★ 2 6y ago
BeaconFork ⑂
Out-of-the-box CobaltStrike Beacon source code using C++
★ 1 11mo ago
chasingpolarbears ⑂
files for write-up
★ 1 6y ago
QNAP-QTS-RCE ⑂
A python RCE exploit on QNAP-QTS
Python ★ 1 8y ago
bmc_bladelogic ⑂
BMC Bladelogic RSCD exploits including remote code execution - CVE-2016-1542, CVE-2016-1543, CVE-2016-5063
★ 1 8y ago
Get-RBCD-Threaded ⑂
Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments
C# ★ 1 5y ago
S3cur3Th1sSh1t.github.io
No description.
JavaScript ★ 0 2mo ago
clroxide ⑂
A rust library that allows you to host the CLR and execute dotnet binaries.
Rust ★ 0 1y ago