Free copy of The Cyber Plumber's Handbook
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
Self-developed tools for Lateral Movement/Code Execution
a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Manipulating and Abusing Windows Access Tokens.
APT38 Tactic PoC for Stealing 0days
.NET 4.0 WinRM API Command Execution
C++ WinRM API via Reflective DLL
Suricata rules for network anomaly detection
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the attacker machines provides option to delete these files to clear the trace.
.NET 4.0 Scheduled Job Lateral Movement
conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as chunks into the target machine
A set of instructions, command and techniques that help during an Active Directory Assessment.
Invoke-KleptoKitty - Deploys Payloads and collects credentials
Time series knowledge graphs for cybersecurity
This tool is used to find anomalies or suspicious login events, especially to detect lateral movement.
A CALDERA plugin
A short script to automate the process of RDP session hijacking.
Add a description, image, and links to the lateral-movement topic page so that developers can more easily learn about it.
To associate your repository with the lateral-movement topic, visit your repo's landing page and select "manage topics."