A vast collection of security tools for bug bounty, pentest and red teaming

#windows

pypykatz

Mimikatz implementation in pure Python.

mimikatz

A little tool to play with Windows security.

linWinPwn

Automates a number of Active Directory enumeration and vulnerability.

LDAP Password Hunter

Password Hunter in Active Directory.

mimikittenz

A post-exploitation PowerShell tool for extracting juicy info from memory.

FindUncommonShares

Quickly find uncommon shares in vast Windows domains.

Invoke-TmpDavFS

Memory-backed PowerShell WebDAV server.

PowerShdll

Run PowerShell with rundll32 in order to bypass software restrictions.

PSByPassCLM

Bypass for PowerShell Constrained Language Mode.

Invoke-BSOD

For when you want a computer to be done - without admin!

Invoke-WCMDump

PowerShell script to dump Windows credentials from the Credential Manager.

windows-privesc-check

Standalone executable to check for simple privilege escalation vectors.

PowerSploit

A PowerShell Post-Exploitation Framework.

WMEye

Post exploitation tool that uses WMI event filter and MSBuild execution for lateral movement.

NTLMRecon

Enumerate information from NTLM authentication enabled web endpoints.

WinPwnage

UAC bypass, Elevate, Persistence methods.

ADRecon

Gathers information about Active Directory and generates a report.

UserEnum

Domain user enumeration tool.

jackdaw

Gather gather gather.

RidRelay

Enumerate usernames on a domain where you have no creds by using SMB relay.

Snaffler

A tool to help find delicious candy needles in a bunch of horrible boring haystacks.

Responder

Responder is an LLMNR, NBT-NS and MDNS poisoner.

enum4Linux

Enumerate data from Windows and Samba hosts.

ShadowSpray

Spray shadow credentials across an entire domain.

hoaxshell

Windows reverse shell payload generator and handler that abuses the http(s) protocol.

PipeViewer

A tool that shows detailed information about named pipes in Windows.

RDP Scraper

Enumerates users based on RDP screenshots.

l0phtcrack

Crack Windows passwords from hashes.

Ophcrack

Windows password cracker based on rainbow tables.

Cain and Abel

Password recovery tool for Microsoft Operating Systems.

mssqlproxy

Perform lateral movement in restricted environments through a compromised MSSQL Server.

WES-NG

Windows Exploit Suggester - Next Generation.

Windows Exploit Suggester

Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.

windows-kernel-exploits

A list of Windows kernel exploits.

ADRT

Active Directory Report Tool.

SharpImpersonation

A User Impersonation tool - via Token or Shellcode injection.

WinPwn

Automation for internal Windows pentest / AD-Security.

SweetPotato

A collection of various Windows privilege escalation techniques from service accounts to SYSTEM.

SharpHose

Asynchronous password spraying tool for Windows environments.

windapsearch

Enumerate users, groups and computers from a Windows domain through LDAP queries.

Rubeus

Rubeus is a toolkit for Kerberos interaction and abuses.

Coercer

Automatically coerce a Windows server to authenticate on an arbitrary machine.

SQLRecon

A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation.

PEAS-ng

Privilege Escalation Awesome Scripts SUITE.

Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.

msldap

LDAP library for auditing Microsoft Active Directory.

ADAPE Script

Active Directory assessment and privilege escalation script.

SMBploit

Offensive tool to scan & exploit vulnerabilities in Windows over SMB using Metasploit.

SSH PuTTY login bruteforcer

A wrapper script which uses PuTTY to perform SSH login bruteforce attacks.

ADReaper

Enumerate an Active Directory environment with LDAP queries.

ADenum

Find misconfigurations through LDAP to exploit weaknesses with Kerberos.