12 open source projects by 0x09AL

This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.

DNS-Persist is a post-exploitation agent which uses DNS for command and control.

CVE-2018-8174 - VBScript memory corruption exploit.

DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.

Go-deliver is a payload delivery tool coded in Go.

Post Exploitation agent which uses a browser to do C2 operations.

This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

Extracting Clear Text Passwords from mstsc.exe using API Hooking.

A native backdoor module for Microsoft IIS (Internet Information Services)

My public exploit collection.

A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.