Joe Helle's Projects
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.
Small and highly portable detection tests based on MITRE's ATT&CK.
Repository of Ruby related buffer overflow boilerplates
Simple Burp Scanner Parser - Turn XML output into a CSV file
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Cobalt wipe is the non-commercial version of Cobalt-Strike 4.3 (May 2021 Release)
Covenant is a collaborative .NET C2 framework for red teamers.
CVE-2020-28351 - Reflected Cross-Site Scripting attack in ShoreTel version 19.46.1802.0.
CVE-2021-37832 - Hotel Druid 3.0.2 SQL Injection Vulnerability - 9.8 CVSS 3.1
CVE 2021-37833 Hotel Druid 3.0.2 Reflected Cross Site Scripting
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.
Reflected XSS via AngularJS Sandbox Escape Expressions in IPSwitch WS_FTP Server 8.6.0
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
Writing custom backdoor payloads with C# - Defcon 27 Workshop
Config files for my GitHub profile.
USB Rubber Ducky type scripts written for the DigiSpark.
Web path scanner
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Empire is a PowerShell and Python 3.x post-exploitation framework.
Tool to transfer credential files from Firefox to your local machine to decrypt offline.
Lite version of my Gatekeeper backdoor for public use.
Python Gmail User Enumeration Tool
GoPhish Templates that I have retired and/or templates I've recreated.
Internal Network Penetration Test Playbook
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
A tool to perform Kerberos pre-auth bruteforcing