Category: Network PenTest

LaZagne

LaZagne v2.4.3 releases: Credentials recovery project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed...

DNS File EXfiltration

dfex: DNS File EXfiltration

DNS File EXfiltration Data exfiltration is a common technique used for post-exploitation, DNS is one of the most common protocols through firewalls. We take the opportunity to build a unique protocol for transferring files...

automate Active Directory enumeration

Start-ADEnum: automate Active Directory enumeration

Start-ADEnum A tool to automate Active Directory enumeration. Tool Prereq This tool requires that you have a runas /netonly shell. Download git clone https://github.com/lkys37en/Start-ADEnum.git Functions Start-PreReqCheck Install-Tools Start-ADEnum Start-PreReqCheck This function determines if the...

RDP BlueKeep vulnerability

Exploiting the RDP BlueKeep vulnerability using Metasploit

The well-known penetration testing framework Metasploit recently added a utilization module for the high-risk vulnerability BlueKeep in its exploitation modules. BlueKeep is numbered CVE-2019-0708, a high-risk vulnerability discovered in May this year. It is...