Security Training Share
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
EvilOSX A pure python, post-exploitation, remote administration tool (RAT) for macOS/OS X. Feature Emulate a terminal instance Simple extendable module system No bot dependencies (pure python) Undetected by anti-virus (OpenSSL AES-256 encrypted payloads) Persistent GUI and CLI support...
Mimikatz is an open source gadget written in C, launched in April 2014. It is very powerful, support from the Windows system memory to extract clear text password, hash, PIN code and Kerberos credentials,...
BloodHound.py BloodHound.py is a Python-based ingestor for BloodHound, based on Impacket. This tool is currently in Beta and should not be considered feature-complete or fully stable. Limitations BloodHound.py currently has the following limitations: Currently only single...
Enumdb is brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By default enumdb will...
ACLight A script for an advanced discovery of Privileged Accounts – includes Shadow Admins. The tool was published as part of the “Shadow Admins” research – more details on “Shadow Admins” are in the...
THRecon -Threat Hunting Reconnaissance Toolkit- Collect endpoint information for use in incident response, threat hunting, live forensics, baseline monitoring, etc. Host Info Processes* Services Autoruns Drivers ARP DLLs* EnvVars Hosts File ADS DNS Strings*...
ADRecon: Active Directory Recon ADRecon is a tool which extracts and combines various artifacts (as highlighted below) out of an AD environment. The information can be presented in a specially formatted Microsoft Excel report...
Powermad – PowerShell MachineAccountQuota and DNS exploit tools Functions MachineAccountQuota Functions The default Active Directory ms-DS-MachineAccountQuota attribute setting allows all domain users to add up to 10 machine accounts to a domain. Powermad includes...
As a penetration tester, I know that you usually choose to use Kali Linux like penetration testing distribution. Kali Linux is a powerful distribution. It includes many, many pentesting tools. If you are Ubuntu/...
BeRoot Project is a post exploitation tool to check common misconfigurations to find a way to escalate our privilege. It has been added to the pupy project as a post exploitation module (so it will be...
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed...
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. An introductory blog post can be found here. Evade network detection during a penetration test/red team exercise by using...
