Category: Post Exploitation

BloodHound

BloodHound v4.0.1 released: Active Directory Toolkit

BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...

Starkiller

Starkiller v1.5 releases: Frontend for PowerShell Empire

Starkiller Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. Multi-user GUI application for interfacing with the Empire C2 server from any computer. Starkiller represents a huge step forward...

maalik

maalik v2.4.3 releases: Network Pivoting and Post Exploitation Framework for Windows

Maalik Network Pivoting and Post Exploitation Framework. Features Console Features Desktop notification on new sessions. Kill Online sessions easily. Build Maalik Client, Fhdawn easily. Configurable values in settings.ini Root shell. Multithreaded, Get multiple sessions. Maalik...

UACME

UACME v3.5.3 releases: Defeating Windows User Account Control

UACMe Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client, some methods, however, works on server version too). Admin account with UAC set on default settings...

RogueWinRM

RogueWinRM: local privilege escalation exploit

RogueWinRM RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to a Local System account if WinRM service is not running (default on Win10 but NOT...