Mr.Kaplan The biggest problem for any attacker is the windows event logger (ETW). Almost every famous blue teams agents (Sysmon, Wazuh, etc.) use it, which means that if you somehow disable this service no...
PrivescCheck – Privilege Escalation Enumeration Script for Windows This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information that might be useful for exploitation and/or post-exploitation. Features Current User Invoke-UserCheck...
Here you will find privilege escalation tools for Windows and Linux/Unix* (in some near future also for Mac). These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so...
SharpHound – C# Rewrite of the BloodHound Ingestor Usage Enumeration Options CollectionMethod – The collection method to use. This parameter accepts a comma-separated list of values. Has the following potential values (Default: Default): Default –...
Certipy Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Changelog v4.0 Schannel authentication for LDAPS SSPI / Integrated Windows authentication New BloodHound format for forked version...
RedGuard – Excellent C2 Front Flow Control tool RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language...
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
Empire 4.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects....
PoshC2 PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
