The ultimate WinRM shell for hacking/pentesting.
Escalate a Cross-Site Scripting vulnerability to Remote Code Execution in WordPress.
Hunt persistences implanted in Windows machines.
Unprivileged Linux process snooping.
Automatic Linux privilege escalation via exploitation of low-hanging fruit.
Interactive CTF exploration tool.
Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
Living Off The Land Binaries, Scripts and Libraries.
Unix binaries that can be manipulated for argument injection.
Living Off the Orchard: macOS Binaries.
Standalone script to enumerate SUID binaries, separate default binaries from customs.
PowerShell tool to automate Active Directory enumeration.
Offensive PowerShell for red team, penetration testing and offensive security.
A post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager.
Privilege escalation tool for Windows.
Modified version of Impacket's wmiexec.py that gets output from the registry.
The new generation of wmiexec.py with all operations performed on port 135 for antivirus evasion.
This script enumerates the permissions of all the AWS principals of an account.
A PowerShell toolkit for attacking SQL Server.
A proxy aware C2 framework used to aid with post-exploitation and lateral movement.
Payload creation framework designed around EDR bypass.
SOCKS proxy and reverse SOCKS server using PowerShell.
Shell script to check for simple privilege escalation vectors on Unix systems.
Standalone executable to check for simple privilege escalation vectors.
A PowerShell Post-Exploitation Framework.
Post exploitation tool that uses WMI event filter and MSBuild execution for lateral movement.
UAC bypass, Elevate, Persistence methods.
A tool to identify and exploit sudo rules misconfigurations and vulnerabilities.
Lateral movement graph for Azure Active Directory.
A Linux privilege escalation check script.
A tool to help at finding delicious candy needles in a bunch of horrible boring haystacks.
Pop shells like a master.
XSS payloads designed to turn alert(1) into P1.
Perform lateral movement in restricted environments through a compromised MSSQL Server.
Automate the process of generating various reverse shells.
A collection of various Windows privilege escalation techniques from service accounts to SYSTEM.
Netcat on steroids with many extra features.
A tool to make SOCKS connections through HTTP agents.
Privilege Escalation Awesome Scripts SUITE.
Multiplatform privilege escalation project.
Filesystem analysis tool/directory looking for interesting stuff.
Scripted Local Linux Enumeration & Privilege Escalation Checks.