🛠️ ADCSDevilCOM: A C# tool for requesting certificates from ADCS using DCOM over SMB. ✅ Remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM github.com/7hePr0fess0r/ADCS…

Advanced Domain Controller attack and credential analysis tool leveraging DonPAPI database github.com/MorDavid/DonPwner

Site Unseen: Enumerating and Attacking Active Directory Sites synacktiv.com/en/publication…

Yet Another DCOM Object for Command Execution Part 1 - @haider_kabibo sud0ru.ghost.io/yet-another-…

Dynamic EDR Evasion. A dive into auto-detecting EDR hooks and generating dynamic stager that compiles evasion-tailored payloads per target (with SHAPESHIFTER). A great post by Matt Hand (@matterpreter). Source: medium.com/@matterpreter/adv… #redteam #blueteam #maldev #evasion #malwaredevelopment

Thank you to the amazing @Andy2002a for updating the @Mandiant #Gootloader decoder script github.com/mandiant/gootload…

Added OnlyShell to #C2Matrix "A powerful Go-based multi-shell handler for managing multiple reverse shell connections simultaneously with features like shell type detection, background management, command broadcasting, and real-time interaction." github.com/malwarekid/OnlySh…

Guide pour relayer NTLM sur HTTP – l’exemple de GLPI - Arthur Le Corguillé mobeta.fr/guide-pour-relayer…

Steal cookies for MS Teams, while running within the ms-teams.exe process github.com/TierZeroSecurity/…

Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames github.com/NtDallas/BOF_Spaw…

VulnIndex — the fastest way to find real security research vulnindex.ys0.dev/

GitHub - izmirlikezzap/RedTiger-Tools: RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Ethical Hacking. (For educational purposes only) github.com/izmirlikezzap/Red…

AdminSDHolder: the AD security feature everyone thinks they understand but probably don't. 😬 @JimSycurity went to the source code to debunk decades of misconceptions — including ones in Microsoft's own docs. Read more ⤵️ ghst.ly/3Lpmjzv

A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily github.com/p0dalirius/ShareH…

Lateral movement across server room? Steven Flores (@0xthirteen) of @SpecterOps describes a new fancy WMI class that can be used to move laterally between Windows server boxes. Also, mentions methods of extending this tactic to workstations. Post: specterops.io/blog/2025/09/1… #redteam #blueteam #maldev #malwaredevelopment

''Yet Another DCOM Object for Command Execution Part 1'' #infosec #pentest #redteam #blueteam sud0ru.ghost.io/yet-another-…

Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover github.com/logangoins/BadTak…

CVE-2025-59287 - 9.8, WSUS Remote Code Execution Write-up and PoC hawktrace.com/blog/CVE-2025-…

New research shows Credential Guard can still leak creds By abusing Remote Credential Guard, attackers can request NTLMv1 challenge responses and recover NT hashes - even on fully patched Windows 11 with VBS and PPL - Microsoft confirmed and marked it “won’t fix.” - PoC called DumpGuard Full write-up by @SpecterOps specterops.io/blog/2025/10/2…

Using rust for red teaming / maldev / exploit development ? I have covered cool tips/tricks to advance your rust based malwares. :)