Security Training Share
GhostDelivery GhostDelivery is a Python script to generate obfuscated .vbs script that delivers payload (payload dropper) with persistence and windows antivirus disabling functions. Heavy: Downloads payload to TEMP directory and executes payload to bypass...
Active Directory Assessment and Privilege Escalation (ADAPE) Script This script will do the following: • Gather hashes via WPAD, LLMNR, and NBT-NS spoofing • Check for GPP password (MS14-025) • Gather hashes for accounts...
LinEnum – Scripted Local Linux Enumeration & Privilege Escalation Checks For more information visit www.rebootuser.com Note: Export functionality is currently in the experimental stage. High-level summary of the checks/tasks performed by LinEnum: Kernel and distribution release...
Log-killer Log Killer is a tool for [Linux/Windows] Servers. This tool will delete all your logs, just download the tool and run it on the server. If your server OS is Windows then download...
WinPwn Automation for internal Windows Penetration Testing. 1) Automatic Proxy Detection 2) Elevated or unelevated Detection 3) Forensic Mode oder Pentest Mode a. Forensik -> Loki + PSRECON + Todo: Threathunting functions b. Pentest...
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
VaultBreaker A toolset designed for attacks against common password managers. VaultBreaker is a Proof of Concept that demonstrates different attacks that can be performed against password managers. It supports 3 main functions. Clipboard Event...
zBang is a special risk assessment tool that detects potential privileged account threats in the scanned network. Organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture...
Krbrelayx – Unconstrained delegation abuse toolkit Toolkit for abusing unconstrained delegation. Requires impacket and ldap3 to function. It is recommended to install impacket from git directly to have the latest version available. Download git clone https://github.com/dirkjanm/krbrelayx.git Tools included addspn.py...
uptux Privilege escalation checks for Linux systemd. This tool checks for issues on Linux systems that may lead to privilege escalation. The core focus in on systemd configuration. This tool is under active development...
UACMe Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client, some methods, however, works on server version too). Admin account with UAC set on default settings...
THRecon THRecon -Threat Hunting Reconnaissance Toolkit- A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints. Use cases include incident response triage, threat hunting, baseline monitoring, snapshot comparisons, and more....
Red Team Powershell Scripts Various PowerShell scripts that may be useful during a red team exercise Download git clone https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts.git The repo includes the script as below: Search-EventForUser.ps1: Powershell script that searches through the...
SharpCloud SharpCloud is a simple C# utility for checking for the existence of credential files related to Amazon Web Services, Microsoft Azure, and Google Compute. More information, please read here. Download git clone https://github.com/chrismaddalena/SharpCloud.git Usage...
