Category: Post Exploitation
EvilOSX A pure Python, post-exploitation, remote administration tool (RAT) for macOS/OS X. Features: Emulate a terminal instance; Simple extendable module system; No bot dependencies (pure Python); Undetected by anti-virus (OpenSSL AES-256 encrypted payloads); Persistent...
Powermad – PowerShell MachineAccountQuota and DNS exploit tools. Functions: MachineAccountQuota Functions. The default Active Directory ms-DS-MachineAccountQuota attribute setting allows all domain users to add up to 10 machine accounts to...
BeRoot Project is a post-exploitation tool that checks common misconfigurations to find a way to escalate privileges. It has been added to the pupy project as a post-exploitation module...
EventCleaner A tool mainly for erasing specified records from Windows event logs, with additional functionality. EventCleaner suspend suspends the logging threads of the Windows event log service, after which no logs...
yodo proves how easy it is to become root via limited sudo permissions, via Dirty COW, or using Pa(th)zuzu. Dirty COW: exploits a race condition in the implementation of the...
Extract password from TeamViewer memory using Frida (CVE-2018-14333). TeamViewer automatic authentication: A few days ago I worked on my Windows cloud VPS with TeamViewer (where I set a custom password). After...
RPIVOT allows tunneling traffic into an internal network via SOCKS4. It works like SSH dynamic port forwarding, but in the opposite direction. This tool is Python 2.6-2.7 compatible...
Invoke-WMILM This is a PoC script for various methods of achieving authenticated remote code execution via WMI without (at least directly) using the Win32_Process class. The type of technique is...
Piper Forward local or remote TCP ports through SMB pipes. Download: git clone https://github.com/p3nt4/Invoke-Piper.git EXAMPLES Local port forwarding through pipe testPipe: -L 33389:127.0.0.1:3389 SERVER: Invoke-PiperServer -bindPipe testPipe -destHost 127.0.0.1 -destPort 3389...
CimSweep CimSweep is a suite of CIM/WMI-based tools that make it possible to perform incident response and hunting operations remotely across all versions of Windows. CimSweep may also be used...
mimipenguin A tool to dump the login password of the current Linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. This was assigned CVE-2018-20781 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20781). Fun fact: it's...
PE-Linux New Linux Privilege Escalation Tool. Getting Started: System Information Gatherer; Kernel Information Gatherer; Checking development environments on the system (Escaping Restricted Shells); Extract PATH & environment information; Check Kernel...
Invoke-LiveResponse The current scope of Invoke-LiveResponse is a live response tool for targeted collection. There are two main modes of use in Invoke-LiveResponse, and both are configured by a variety of command...
SQLC2 SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent. At its core,...
Sleight Empire HTTP(S) C2 redirector setup script. Download: git clone https://github.com/V1V1/Sleight.git Usage: Sleight can be used in 3 ways: 1) Setup HTTP Redirector: Run Sleight and feed it an Empire...