Category: Post Exploitation

Privilege Escalation Enumeration

PrivescCheck: Privilege Escalation Enumeration Script for Windows

PrivescCheck – Privilege Escalation Enumeration Script for Windows This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information that might be useful for exploitation and/or post-exploitation. Features Current User Invoke-UserCheck...

abuse misconfigurations Active Directory

Certipy v4.0 releases: Active Directory certificate abuse

Certipy Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Changelog v4.0 Schannel authentication for LDAPS SSPI / Integrated Windows authentication New BloodHound format for forked version...


BloodHound v4.2 released: Active Directory Toolkit

BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...