AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration
ADCFFS is a PowerShell script that can be used to exploit the AD CS container misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise. The tool can also be used to first scan the forest to determine if it is vulnerable to the attack and can remedy the permission misconfiguration as well. More information...
Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories
Tartufo will, by default, scan the entire history of a git repository for any text which looks like a secret, password, credential, etc. It can also be made to work in pre-commit mode, for scanning blobs of text as a pre-commit hook. tartufo [OPTIONS] COMMAND [ARGS]... Options--default-regexes, --no-default-regexes Whether to include the default regex list when configuring search patterns. Only applicable if –rules...
Loco : A Rails-Inspired Framework For Rust Developers
Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at home. If you only know Rails and new to Rust, you'll find Loco refreshing. We do not assume you know Rails. For a deeper dive into how Loco works, including detailed guides, examples, and API references, check out our documentation website. Features Of Loco: Convention Over Configuration:...
Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files
A data hoarder’s dream come true: bundle any web page into a single HTML file. You can finally replace that gazillion of open tabs with a gazillion of .html files stored somewhere on your precious little drive. Unlike the conventional “Save page as”, monolith not only saves the target document, it embeds CSS, image, and JavaScript assets all at once,...
Mountpoint For Amazon S3 : Enhancing File System Integration For Effective Storage Management
Mountpoint for Amazon S3 is a simple, high-throughput file client for mounting an Amazon S3 bucket as a local file system. With Mountpoint for Amazon S3, your applications can access objects stored in Amazon S3 through file operations like open and read. Mountpoint for Amazon S3 automatically translates these operations into S3 object API calls, giving your applications access...
LitterBox : The Ultimate Sandbox Environment For Malware Testing And Red Team Operations
Your malware's favorite sandbox - where red teamers come to bury their payloads. A sandbox environment designed specifically for malware development and payload testing. This Web Application enables red teamers to validate evasion techniques, assess detection signatures, and test implant behavior before deployment in the field. Think of it as your personal LitterBox for perfecting your tradecraft without leaving traces on production...
RWX_MEMORY_HUNT_AND_INJECTION_DV : Exploiting OneDrive.exe To Inject Shellcode Without New RWX Allocations
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. This technique is finding RWX region in already running processes in this case OneDrive.exe and Write shellcode into that region and execute it without calling VirtualProtect, VirtualAllocEx, VirtualAlloc. Usage Just compile the program and run the (EXE) without any paremeter. Steps Find the OneDrive.exe in...
BloodHound.py : Installation, Usage, And Features
BloodHound.py is a Python based ingestor for BloodHound, based on Impacket. The code in this branch is only compatible with BloodHound 4.2 and 4.3. For BloodHound CE, check out the bloodhound-ce branch Installation There are different install methods for BloodHound Community Edition (CE) and BloodHound legacy. You can only have one of the two tools installed at the same time, unless you...
100 Days Of Rust 2025 : From Incident Response To Linux System Programming
In 2025 I wanted to try something new. In addition to a traditional 100 days of Yara, I will also be doing 100 days of Rust. For some time it has been my goal to learn Rust, but I've never had enough time for it. I think 100 days challenge is a pretty good format to learn something new,...
Presenterm : Revolutionizing Terminal-Based Presentations With Markdown
presenterm lets you create presentations in markdown format and run them from your terminal, with support for image and animated gifs, highly customizable themes, code highlighting, exporting presentations into PDF format, and plenty of other features. Features Define your presentation in a single markdown file. Images and animated gifs on terminals like kitty, iterm2, and wezterm. Customizeable themes including colors, margins, layout (left/center...
