koutto
Follow
Lists (19)
Stars
A collection of PoCs to do common things in unconventional ways
Local SYSTEM auth trigger for relaying - X
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
StandIn is a small .NET35/45 AD post-exploitation toolkit
POC tool to extract all persistent clipboard history data from clipboard service process memory
A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
Windows Local Privilege Escalation from Service Account to System
A beacon object file implementation of PoolParty Process Injection Technique.
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
Search tool to find specific files containing specific words, i.e. files containing passwords..
bof-launcher - library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready to use in C/Zig/Rust/Go/C++ applications.
SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
The Definitive Guide To Process Cloning on Windows
Complete list of LPE exploits for Windows (starting from 2023)
Living off the land searches for explorer and sharepoint
A tool for pointesters to find candies in SharePoint
A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule
A curated list of awesome tools, research, papers and other projects related to password cracking and password security.
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.