htbenum: A Linux enumeration script for Hack The Box
htbenum A Linux enumeration script for Hack The Box This script is designed for use in situations where you do not have internet access on a Linux host and would like to run enumeration...
Category: Post Exploitation
BloodHound.py v1.0.4 releases: A Python based ingestor for BloodHound
BloodHound.py BloodHound.py is a Python-based ingestor for BloodHound, based on Impacket. This version of BloodHound.py is only compatible with BloodHound 3.0 or newer. Limitations BloodHound.py currently has the following limitations: Supports most, but not all BloodHound (SharpHound)...
chromepass: Gather Chrome Saved Passwords
Chromepass – Hacking Chrome Saved Passwords Chromepass is a python-based console application that generates a windows executable with the following features: Decrypt Chrome saved passwords Send a file with the login/password combinations remotely (email...
Empire 3.1.3 releases: PowerShell & Python post-exploitation agent
Empire 3.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects....
Starkiller: Frontend for PowerShell Empire
Starkiller Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. Multi-user GUI application for interfacing with the Empire C2 server from any computer. Starkiller represents a huge step forward...
DSInternals PowerShell Module and Framework v4.2 Releases
DSInternals PowerShell Module and Framework The DSInternals project consists of these two parts: The DSInternals Framework exposes several internal features of Active Directory and can be used from any .NET application. The codebase has already been integrated into...
Ps-Tools: advanced process monitoring toolkit for offensive operations
Ps-Tools, an advanced process monitoring toolkit for offensive operations. Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be...
PrivescCheck: Privilege Escalation Enumeration Script for Windows
PrivescCheck – Privilege Escalation Enumeration Script for Windows This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information which might be useful for exploitation and/or post-exploitation. Features Current User Invoke-UserCheck –...
lollipopz: Data exfiltration utility for testing detection capabilities
lollipopz Data exfiltration utility used for testing the detection capabilities of security products. Obviously for legal purposes only. Download git clone https://github.com/tasooshi/lollipopz.git Use /etc/shadow -> HTTP GET requests Server # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer -lp...
pypykatz v0.3.7 releases: Mimikatz implementation in pure Python
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
