Category: Post Exploitation
Certify Certify is a C# tool that can enumerate useful configuration and infrastructure information about AD CS environments and can request certificates in a variety of different ways. Certify...
SharpDNSExfil SharpDNSExfil is an exfiltration tool written in C#. The main objective is to exfiltrate any “on disk” files without having to worry about restricted outbound connections. Prerequisite The remote...
Azur3Alph4 Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on an objective. This module is intended for a post-breach (RCE achieved) position. Token extraction and many other tools...
ForgeCert ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory. This attack is...
Khepri Khepri is a cross-platform agent whose architecture and usage resemble Cobalt Strike, but it is free and open-source. beacon: Agent, written in C++. teamserver: Server, written in Golang. teamclient: User client,...
SpoolSploit A collection of Windows print spooler exploits containerized with other utilities for practical exploitation. Summary SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for...
QueenSono ICMP Data Exfiltration A Golang package for data exfiltration over the ICMP protocol. The QueenSono tool relies only on the fact that the ICMP protocol isn’t monitored, which is quite common. It...
Liquid Snake Liquid Snake is a program aimed at performing fileless lateral movement against Windows systems without touching the disk. The tool relies on WMI Event Subscription in order to execute...
Concealed Position Concealed Position is a local privilege escalation attack against Windows using the concept of “Bring Your Own Vulnerability”. Specifically, Concealed Position (CP) uses the as designed package point and print...
targetedKerberoast targetedKerberoast is a Python script that can, like many others (e.g. GetUserSPNs.py), print “kerberoast” hashes for user accounts that have an SPN set. This tool brings the following additional feature:...
SharpStrike SharpStrike is a post-exploitation tool written in C# that uses either CIM or WMI to query remote systems. It can use provided credentials or the current user’s session. Note:...
The PyIris Project The PyIris project is a modular, stealthy and flexible remote-access toolkit written completely in Python. It allows users to dynamically build, generate, and encode/encrypt remote-access-trojan payloads for remote control...
InlineExecute-Assembly InlineExecute-Assembly is a proof-of-concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork...
Invoke-DNSteal Invoke-DNSteal is a simple and customizable DNS data exfiltration tool. This tool helps you to exfiltrate data through the DNS protocol over UDP and TCP and lets you control the size...
PSPKIAudit PowerShell toolkit for auditing Active Directory Certificate Services (AD CS). It is built on top of PKISolution's PSPKI toolkit (Microsoft Public License). This repo contains a newer version of PSPKI than...