Exploitation

Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.

A collection of tips and tricks for container and container orchestration hacking and security testing.

A comprehensive collection of resources for learning ARM assembly language and shellcode development.

TikiTorch is a process injection tool that executes code within the address space of other processes using various injection techniques.

A Mac OS X code injection library that enables copying code into target processes and remotely executing it through new thread creation.

A post-exploitation tool for pentesting Active Directory

Python exploitation tool for gaining root access to Sixnet RTUs in SCADA networks by exploiting application-level vulnerabilities.

A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.

Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.