Category: Post Exploitation
SharpCloud SharpCloud is a simple C# utility for checking for the existence of credential files related to Amazon Web Services, Microsoft Azure, and Google Compute. For more information, please read here....
LiMEaide LiMEaide is a Python application designed to remotely dump RAM on a Linux client and create a volatility profile for later analysis on your localhost. I hope that this...
BloodHound.py BloodHound.py is a Python-based ingestor for BloodHound, based on Impacket. This version of BloodHound.py is only compatible with BloodHound 4.2 and 4.3. For BloodHound CE, check out the bloodhound-ce branch Limitations BloodHound.py currently...
Windows Exploit Suggester – Next Generation (WES-NG) WES-NG is a tool based on the output of Windows’ systeminfo utility that provides you with the list of vulnerabilities the OS is vulnerable...
Golang UAC Bypasser (GUACBP) Collection of bypass techniques written in Golang. Rewrite of – https://github.com/rootm0s/WinPwnage to Golang. Techniques implemented: UAC Bypass using computerdefaults.exe UAC Bypass using eventvwr.exe UAC Bypass using fodhelper.exe UAC Bypass using HKCU Registry...
Merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. An introductory blog post can be found here. Evade network detection during a penetration...
Mythic Mythic is a multiplayer, command, and control platform for red teaming operations. It is designed to facilitate a plug-n-play architecture where new agents, communication channels, and modifications can happen...
kekeo kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) Changelog v2.2.0 20211214 [internal] display kdc certificate informations [new] certificate user selection...
Enumdb is a brute force and post-exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for...
mXtract An open source Linux based tool that analyzes and dumps memory. It is developed as an offensive penetration testing tool, which is used to scan memory for private keys,...
Tokenvator A tool to elevate privilege with Windows Tokens This tool has two methods of operation – interactive and argument modes Interactive Mode: C:> tokenvator.exe (Tokens) > steal_token 908 cmd.exe...
SessionGopher Quietly digging up saved session information for PuTTY, WinSCP, FileZilla, SuperPuTTY, and RDP SessionGopher is a PowerShell tool that finds and decrypts saved session information for remote access tools....
poshkatz poshkatz is a PowerShell module for Mimikatz that has a number of cool features! Features Mimikatz tab expansion “autocomplete” Autocompletes mimikatz commands, parameters and parameter values. Cmdlet wrappers for...
SharpCradle is a tool designed to help penetration testers or red teams download and execute .NET binaries into memory. SharpCradle loads a remote C# PE binary from either a remote...
portia Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised Privilege escalation Lateral movement Convenience modules...