Stars
BloodyAD is an Active Directory Privilege Escalation Framework
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Dumping LSASS with a duplicated handle from custom LSA plugin
Extract WinSCP Credentials from any Windows System or winscp config file
Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation
Privilege Escalation Enumeration Script for Windows
Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation firewalls en route to the target.
LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.
SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…
Explanation and full RCE PoC for CVE-2025-55182
🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
Python alternative to Mimikatz lsadump::dcshadow
A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket
PHP tool that takes screenshots of a given IP/port combo list and then tries to guess the service.
A PHP tool to brute-force vhosts configured on a server.
Try to find the origin IP of a webapp protected by Cloudflare.
This repo covers some code execution and AV Evasion methods for Macros in Office documents
PowerShell tool that shows how to read and write NTLM OWF values via samlib.dll.
Impacket is a collection of Python classes for working with network protocols.
List of Awesome Red Team / Red Teaming Resources. This list is for anyone wishing to learn about Red Teaming but who does not have a starting point.
PoC Exploit for the NTLM reflection SMB flaw.