Tools for instrumenting Windows Defender's mpengine.dll - 0xAlexei/WindowsDefenderTools

Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv. - skorov/ridrelay

There are a variety of reasons why a pen tester would want to obtain the anti-virus configurations of the system they are targeting. The ability to capture this information remotely can allow a pen tester to customize their actions for the computer they are…

Today me and my partner in crime Giuseppe, are releasing our small research with Windows impersonate privileges. The result is a tool named “Juicy Potato”, which is a kind of sequel of …

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

How to hide Visual Basic Scripts HTA in other files and generate self playing HTA files without the .hta extension.

During penetration tests, our primary goal is to identify the difference in paths that can be used to obtain the goal(s) as agreed upon with our customers. This often succeeds due to insufficient h…

Posted by James Forshaw, Project Zero And we’re back again for another blog in my series on Windows Exploitation tricks. This time I’ll...

Summary:



A weakness in the Microsoft ADFS protocol for integration with MFA products allows a second factor for one account to be used for second-factor authentication to all other accounts in an organization.

After being notified about the vulnerability…

C# Targeted Attack Reconnissance Tools. Contribute to stufus/reconerator development by creating an account on GitHub.

Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.

The Skeleton Key is a malware which is stored in memory which allows an attacker to authenticate as any domain user in the network by using a master password. The techniques that this malware was u…

Bypass Technique Denoscription

Learn ethical hacking: www.sans.org/sec504
Presented by: Mick Douglas

Attendees of this talk will learn why attackers have latched on to PowerShell. Mick will discuss how bad guys use this built in OS component to dodge many defensive techniques.

Mick…

Use powershell to list the RDP Connections History of logged-in users or all users - 3gstudent/List-RDP-Connections-History

An analysis of the MBR bootkit referred to as “HDRoot”