Security Training Share
Krbrelayx – Unconstrained delegation abuse toolkit Toolkit for abusing unconstrained delegation. Requires impacket and ldap3 to function. It is recommended to install impacket from git directly to have the latest version available. Download git clone https://github.com/dirkjanm/krbrelayx.git Tools included addspn.py...
uptux Privilege escalation checks for Linux systemd. This tool checks for issues on Linux systems that may lead to privilege escalation. The core focus in on systemd configuration. This tool is under active development...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
UACMe Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client, some methods, however, works on server version too). Admin account with UAC set on default settings...
WinPwn Automation for internal Windows Penetration Testing. 1) Automatic Proxy Detection 2) Elevated or unelevated Detection 3) Forensic Mode oder Pentest Mode a. Forensik -> Loki + PSRECON + Todo: Threathunting functions b. Pentest...
THRecon THRecon -Threat Hunting Reconnaissance Toolkit- A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints. Use cases include incident response triage, threat hunting, baseline monitoring, snapshot comparisons, and more....
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
Red Team Powershell Scripts Various PowerShell scripts that may be useful during a red team exercise Download git clone https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts.git The repo includes the script as below: Search-EventForUser.ps1: Powershell script that searches through the...
SharpCloud SharpCloud is a simple C# utility for checking for the existence of credential files related to Amazon Web Services, Microsoft Azure, and Google Compute. More information, please read here. Download git clone https://github.com/chrismaddalena/SharpCloud.git Usage...
Mimikatz is an open source gadget written in C, launched in April 2014. It is very powerful, support from the Windows system memory to extract clear text password, hash, PIN code, and Kerberos credentials,...
DSInternals PowerShell Module and Framework The DSInternals project consists of these two parts: The DSInternals Framework exposes several internal features of Active Directory and can be used from any .NET application. The codebase has already been...
LiMEaide LiMEaide is a python application designed to remotely dump RAM on a Linux client and create a volatility profile for later analysis on your localhost. I hope that this will simplify Linux digital...
BloodHound.py BloodHound.py is a Python-based ingestor for BloodHound, based on Impacket. This version of BloodHound is only compatible with BloodHound 2.0 or newer. Limitations BloodHound.py currently has the following limitations: Does not yet support all BloodHound (SharpHound)...
Windows Exploit Suggester – Next Generation (WES-NG) WES-NG is a tool which based on the output of Windows’ systeminfo utility provides you with the list of vulnerabilities the OS is vulnerable to, including any exploits for...
Suggested Reading TRENDING Linux news