F-Masood's Projects
A PowerShell script that automates the security assessment of Microsoft Office 365 environments.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Powershell script to do domain auditing automation
A cheat sheet that contains advanced queries for SQL Injection of all types.
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
🛡️ Awesome Cloud Security Resources ⚔️
A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
Custom Query list for the Bloodhound GUI based off my cheatsheet
Exploiting Booked Scheduler 2.7.5 - RCE without MSF.
A dumb skeleton code made in Python2 for bruteforcing Web Login forms.
Different configurations I normally do
Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.
This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on may 10th, 2021 in the channel.
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
reverse shell using curl
CVE-2009-2698 compiled for CentOS 4.8
Sudo Baron Samedit Exploit
CVE-2021-3156: Sudo heap overflow exploit for Debain 10
Dirtycow exploit for both 32 and 64-bit
DPAPI looting remotely in Python
Tips on how to write exploit scripts (faster!)
Python2 based Bufferoverflow scripts i developed while doing the Vulnhub box Netsart by Foxlox
Exploiting challenges in Linux and Windows
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modiy and DM if you find some bugs :)
Lists who can read any gMSA password blobs and parses them if the current user has access.
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Transfer files to and from a Windows host via ICMP in restricted network environments.
Impacket is a collection of Python classes for working with network protocols.