Information Security
kekeo kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) Changelog 2.2.0 20200718 [new] basic server::http to get Kerberos ticket from delegations [enhancement] tgt:: now supports authentication...
DSInternals PowerShell Module and Framework The DSInternals project consists of these two parts: The DSInternals Framework exposes several internal features of Active Directory and can be used from any .NET application. The codebase has already been integrated into...
Mimikatz is an open-source gadget written in C, launched in April 2014. It is very powerful, support from the Windows system memory to extract clear text password, hash, PIN code, and Kerberos credentials, and...
SharpDPAPI SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi‘s Mimikatz project. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome uses a different version of the C# SQL library that...
Pickl3 Pickl3 is Windows active user credential phishing tool. You can execute the Pickl3 and phish the target user credential. Operational Usage – 1 Nowadays, since the operating system of many end-users is Windows...
TrustJack bypassing UAC with DLL Hijacking technique DLL Hijacking is a popular technique for executing malicious payloads. Attackers have been seen to use DLL hijacking in different ways and for different reasons. Motives include execution (executing...
PoshC2 PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users...
browsertunnel Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS...
What is it for? Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy. It might also be useful for other people doing other stuff, but it is explicitly NOT...
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? In order to create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the...
Suggested Reading