#windows

hoaxshell

Windows reverse shell payload generator and handler that abuses the http(s) protocol.

spraykatz

Credential gathering tool that automates remote procdump and parsing of the LSASS process.

WINspect

PowerShell-based Windows security auditing toolbox.

BloodHound

Six Degrees of Domain Admin.

MobSF

All-in-one mobile application pentesting, malware analysis and security assessment framework.

ctftool

Interactive CTF exploration tool.

Prenum

The perils of the pre-Windows 2000 compatible access group in a Windows domain.

LOLBAS

Living Off The Land Binaries, Scripts and Libraries.

RegStrike

RegStrike is a .reg payload generator.

HTTP-revshell

PowerShell reverse shell using the HTTP/S protocol, with AMSI bypass and proxy awareness.

enum4linux-ng

A Windows/Samba enumeration tool with additional features like JSON/YAML export.

DripLoader

Evasive shellcode loader for bypassing injection detection.

Hash Muncher

Grab NetNTLMv2 hashes using ETW with administrative rights on Windows.

Invoke-ADEnum

Automate Active Directory Enumeration using PowerView.

NanoDump

A flexible tool that creates a minidump of the LSASS process.

GodPotato

Privilege escalation tool for Windows.

LDAP Password Hunter

Password hunter for Active Directory.

mimikittenz

A post-exploitation PowerShell tool for extracting juicy info from memory.

FindUncommonShares

Quickly find uncommon shares in vast Windows domains.

Invoke-TmpDavFS

Memory-backed PowerShell WebDAV server.

PowerShdll

Run PowerShell with rundll32 in order to bypass software restrictions.

PSByPassCLM

Bypass for PowerShell Constrained Language Mode.

Invoke-BSOD

For when you want a computer to be done - without admin!

Invoke-WCMDump

PowerShell script to dump Windows credentials from the Credential Manager.

windows-privesc-check

Standalone executable to check for simple privilege escalation vectors.

PowerSploit

A PowerShell Post-Exploitation Framework.

WMEye

Post-exploitation tool that uses a WMI event filter and MSBuild execution for lateral movement.

NTLMRecon

Enumerate information from web endpoints that have NTLM authentication enabled.

WinPwnage

UAC bypass, Elevate, Persistence methods.

PipeViewer

A tool that shows detailed information about named pipes in Windows.

ADRecon

Gathers information about Active Directory and generates a report.

UserEnum

Domain user enumeration tool.

pypykatz

Mimikatz implementation in pure Python.

Responder

Responder is an LLMNR, NBT-NS and MDNS poisoner.

Snaffler

A tool to help find delicious candy needles in a bunch of horrible boring haystacks.

RidRelay

Enumerate usernames on a domain where you have no creds by using SMB relay.

jackdaw

Gather gather gather.

enum4Linux

Enumerate data from Windows and Samba hosts.

ShadowSpray

Spray shadow credentials across an entire domain.

RDP Scraper

Enumerates users based on RDP screenshots.

l0phtcrack

Crack Windows passwords from hashes.

mimikatz

A little tool to play with Windows security.

Ophcrack

Windows password cracker based on rainbow tables.

Cain and Abel

Password recovery tool for Microsoft Operating Systems.

mssqlproxy

Perform lateral movement in restricted environments through a compromised MSSQL Server.

windows-kernel-exploits

A list of Windows kernel exploits.

WES-NG

Windows Exploit Suggester - Next Generation.

Windows Exploit Suggester

Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.

WinPwn

Automation for internal Windows pentest / AD-Security.

SharpImpersonation

A user impersonation tool - via token or shellcode injection.

ADRT

Active Directory Report Tool.

SweetPotato

A collection of various Windows privilege escalation techniques from service accounts to SYSTEM.

SharpHose

Asynchronous password spraying tool for Windows environments.

windapsearch

Enumerate users, groups and computers from a Windows domain through LDAP queries.

Rubeus

Rubeus is a toolkit for Kerberos interaction and abuse.

linWinPwn

Automates a number of Active Directory enumeration and vulnerability.

Coercer

Automatically coerce a Windows server to authenticate on an arbitrary machine.

SQLRecon

A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation.

PEASS-ng

Privilege Escalation Awesome Scripts SUITE.

Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.

msldap

LDAP library for auditing Microsoft Active Directory.

ADAPE Script

Active Directory assessment and privilege escalation script.

SSH PuTTY login bruteforcer

A wrapper script that uses PuTTY to perform SSH login bruteforce attacks.

SMBploit

Offensive tool to scan & exploit vulnerabilities in Windows over SMB using Metasploit.

ADReaper

Enumerate an Active Directory environment with LDAP queries.

ADenum

Find misconfigurations through LDAP to exploit weaknesses with Kerberos.