Name: Not Actually Will
Type: User
Company: Not Actually Harmj0y
Bio: Not Actually Co-founder of Empire, BloodHound, and the Veil-Framework | PowerSploit developer | krb lover | Microsoft PowerShell MVP |
Location: Not Actually Seattle, WA
Blog: http://blog.harmj0y.net
Not Actually Will's Projects
PowerShell Conference EU 2016 Slides and Demo Scripts
Arya is a simple obfuscator for .NET binaries.
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
Cheat sheets for various projects.
This is a pack of Cortana scripts commonly used on our pentests.
A collection of Cortana scripts that you may use with Armitage and Cobalt Strike.
Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.
Offensive Data Storage
This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.dit databases.
Inveigh is a Windows PowerShell LLMNR/NBNS spoofer with challenge/response capture over HTTP/SMB
Defensive-oriented Active Directory enumeration
Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use.
Misc. PowerShell scripts
random powershell goodness
Network Block Device Server for windows with a DFIR/forensic focus.
NetRipper - Smart traffic sniffing for penetration testers
Netview enumerates systems using WinAPI calls
This repo contains Powershell scripts used for general hackery.
PowerSploit - A PowerShell Post-Exploitation Framework
This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current version.
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Easily define in-memory enums, structs, and Win32 functions in PowerShell
This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
Network Infrastructure Penetration Testing Tool
Powershell-based Windows Security Auditing Toolbox