PatchChecker This is the code base for the service running on here. In short, PatchChecker is a web application (running on a flask) that provides output similar to that of Watson. However, by using...
CrackMapExecWin CrackMapExec v5.1.0 compiled for Windows Features Latest v5.1 version Compiled for windows x64 platforms Usage Download Crackmapexec from Release section Download and Install the VC_redist.x64.exe ‘Microsoft Visual C++ 2017 Redistributable (x64)‘ Download and...
SharpHound – C# Rewrite of the BloodHound Ingestor Usage Enumeration Options CollectionMethod – The collection method to use. This parameter accepts a comma-separated list of values. Has the following potential values (Default: Default): Default –...
CIRCO Cisco Implant Raspberry Controlled Operations Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of “Sec/Net/Dev/Ops” enterprise tools to capture network credentials in a stealth mode. Using low profile...
TikiTorch was named in homage to CACTUSTORCH by Vincent Yiu. The basic concept of CACTUSTORCH is that it spawns a new process, then uses CreateRemoteThread to run the desired shellcode within that target process. Both the process and...
Active Directory Assessment and Privilege Escalation (ADAPE) Script This script will do the following: • Gather hashes via WPAD, LLMNR, and NBT-NS spoofing • Check for GPP password (MS14-025) • Gather hashes for accounts...
Windows / Linux Local Privilege Escalation Workshop My give back to the community initiative that was presented for free at several private and public events across Australia: Sydney – PlatypusCon (2017) Perth – BsidesPerth...
Freedom Fighting Mode (FFM) FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. The idea of the tool was derived from a 2007 conference from @thegrugq. It was...
ACLight A script for an advanced discovery of Privileged Accounts – includes Shadow Admins. The tool was published as part of the “Shadow Admins” research – more details on “Shadow Admins” are in the...
Invoke-LiveResponse The current scope of Invoke-LiveResponse is a live response tool for targeted collection. There are two main modes of use in Invoke-LiveResponse and both are configured by a variety of command line switches. ForensicCopy Reflectively...
Suggested Reading