0xmvmd

Python classes for working with network protocols (psexec, wmiexec, secretsdump).

AD privilege escalation framework using LDAP/SAMR protocols.

High-performance network pivoting/tunneling tool using TUN interfaces.

Ultimate WinRM shell for hacking Windows hosts and executing scripts.

Active Directory Certificate Services (AD CS) enumeration & exploitation tool.

Multi-protocol network exploitation scanner (SMB, WMI, WinRM, LDAP).

Legacy swiss-army knife network exploitation scanner.

Automated Windows authentication coercion tool over RPC/SMB.

MS-EFSRPC coercion vulnerability exploit tool for AD takeover.

Dump Active Directory integrated DNS records via LDAP protocol.

Map Active Directory relationships and attack paths using graph theory.

Python-based ingestor for BloodHound (runs from Linux without domain-join).

Dump Active Directory NT hashes using backup certificates.

PowerShell tool for Active Directory domain enumeration and recon.

LLMNR, NBT-NS, and MDNS poisoner for harvesting hashes.

Quickly bruteforce and enumerate Active Directory users via Kerberos pre-authentication.

Enumerate and find credentials or sensitive data in AD network share drives.

Active Directory security auditing tool to evaluate risk and path escalation.

CVE-2020-1472 exploit to reset Domain Controller machine account password.

CVE-2021-42278 / CVE-2021-42287 Active Directory domain controller takeover exploit.

Active Directory information dumper via LDAP queries into HTML/JSON reports.

Active Directory object takeover via Shadow Credentials manipulation.

DomainPasswordSpray performs password spraying against domain users.

Dump DPAPI protected secrets and credentials remotely from domain machines.

Query and exploit pre-Windows 2000 computer accounts with MAQ default limit.

Interceptive web proxy, scanning, and request tampering suite.

Fast web fuzzer written in Go for file, directory, and param discovery.

Directory, file, DNS, and VHost brute-forcing tool in Go.

Advanced command-line tool for scanning web directories and files.

Automated SQL injection discovery and database exploitation engine.

Web app for encryption, decryption, encoding & analysis recipes.

WordPress vulnerability scanner for plugins, themes, and users.

Extract plain text passwords, NT/LM hashes, and Kerberos tickets from LSASS memory.

C# toolset for Kerberos interaction, ticket harvesting, and roasting.

Fast TCP/UDP tunnel over HTTP, secured via SSH protocols.

Client for kubelet APIs to execute commands on Kubernetes pods.

Windows local privilege escalation tool exploiting Print Spooler service.

C# active directory data collector ingestor for BloodHound.

Software reverse engineering framework with decompiler by the NSA.

GNU Debugger with custom Peda, GEF, or Pwndbg enhancements.

Exploit writing and CTF payload generation library in Python.

Command-line binary disassembler and hexadecimal editor.

Network exploration and port scanner engine with scripting engine (NSE).

World's leading interactive network packet analyzer.

Memory forensics framework for analyzing volatile RAM dumps.

Reconnaissance tool to find social media profiles by username.