Information Security
EDR-Checker Invoke-EDRChecker will check running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive...
Enumdb is a brute force and post-exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By default,...
SharpDPAPI SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi‘s Mimikatz project. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome uses a different version of the C# SQL library that...
UACMe Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10TH1/10TH2/10RS1/10RS2 (client, some methods, however, works on server version too). Admin account with UAC set on default settings...
CRACKMAPEXEC CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active...
SharpRDP – Remote Desktop Protocol Console Application for Authenticated Command Execution How it works The terminal services library (mstscax.dll) has two different forms that can leveraged, the scriptable control that can be used by...
Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box. Changelog v1.0 – New shell escaping (docker, ftp, irb).....
Enumy Enumy is a portable executable that you drop on the target Linux machine during a pentest or CTF in the post-exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. It...
BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output...
Stowaway Stowaway is a Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes (multi-layer) PS: The files under demo folder are Stowaway’s beta version, it’s...
