Network PenTest Archives • Page 3 of 56 • Cybersecurity News

S4UTomato: Escalate Service Account To LocalSystem via Kerberos

do son August 8, 2023

S4UTomato Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the “Potato” series of...

Chimera v1.0 releases: Automated DLL Sideloading Tool With EDR Evasion Capabilities

do son August 6, 2023

Chimera While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a...

chromecookiestealer: Steal/Inject Chrome cookies over the DevTools protocol Steal Chrome cookies

chromecookiestealer: Steal/Inject Chrome cookies over the DevTools protocol

do son August 4, 2023

Chrome Cookie Stealer (and injector) Attaches to Chrome using its Remote DevTools protocol and steals/injects/clears/deletes cookies. Heavily...

NixImports: .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis

do son August 2, 2023

NixImports A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis. NixImports aims to...

Code Credential Scanner: scan a large, diverse codebase for hard-coded credentials, or credentials present in configuration files

do son August 2, 2023

Code Credential Scanner This script is intended to scan a large, diverse codebase for hard-coded credentials, or...

psudohash: Generates millions of keyword-based password mutations in seconds password list generator

psudohash: Generates millions of keyword-based password mutations in seconds

do son August 1, 2023

psudohash Psudohash is a password list generator for orchestrating brute force attacks and cracking hashes. It imitates...

Html Smuggling: hide malware payloads in an encoded script

do son July 31, 2023

Html Smuggling HTML smuggling is a malicious technique used by hackers to hide malware payloads in an...

KRBUACBypass v1.0 releases: UAC Bypass By Abusing Kerberos Tickets UAC Bypass Kerberos

KRBUACBypass v1.0 releases: UAC Bypass By Abusing Kerberos Tickets

do son July 29, 2023

KRBUACBypass UAC Bypass By Abusing Kerberos Tickets This POC is inspired by James Forshaw (@tiraniddo) shared at...

ADCSKiller: ADCS Exploitation Automation Tool exploiting Active Directory Certificate Services

ADCSKiller: ADCS Exploitation Automation Tool

do son July 23, 2023

ADCSKiller – An ADCS Exploitation Automation Tool ADCSKiller is a Python-based tool designed to automate the process...

PE-Obfuscator: PE obfuscator with Evasion in mind

do son July 22, 2023

PE-Obfuscator PE obfuscator with Evasion in mind needs Admin Privilege in order to load the RTCore64 driver....

canTot: exploit framework focused on known CAN Bus vulnerabilities or fun CAN Bus hacks

do son July 18, 2023

canTot canTot is a python-based cli framework based on sploitkit and is easy to use because it...

PrivKit: simple beacon object file that detects privilege escalation vulnerabilities

do son July 16, 2023

PrivKit PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on...

RecycledInjector: Fully Undetected same-process native/.NET assembly shellcode injector

do son July 11, 2023

RecycledInjector (Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on...

Lord Of Active Directory: automatic vulnerable active directory on AWS

do son July 10, 2023

LOAD – Lord Of Active Directory Based on AWS-Redteam-Lab and OCD GOAD The price for running the...

ShellGhost: memory-based evasion technique memory evasion technique

ShellGhost: memory-based evasion technique

do son July 10, 2023

ShellGhost A memory-based evasion technique which makes shellcode invisible from process start to end. Handling the Thread...