Category: Post Exploitation
EmpireDog – PowerEmpire + EmpireStrike + CypherDog + DogStrike. Download: git clone https://github.com/SadProcessor/EmpireDog.git This project includes: PowerEmpire2.0_DogMod, PowerShell modules made to interact with BloodHound and Empire’s APIs, and automate post-exploitation sequences by orchestrating...
DomainPasswordSpray – DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default, it will automatically generate the user list from the domain....
Invoke-DOSfuscation v1.0 – Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. Over the past several years as an Incident Response consultant, I have witnessed a myriad of obfuscation and...
vCheck – Daily Report for vSphere. vCheck is a PowerShell HTML framework script; the script is designed to run as a scheduled task before you get into the office to present...
Red Team Scripts – Red Team Scripts is a collection of red teaming related tools, scripts, techniques, and notes developed or discovered over time during engagements. Related tool release blog posts...
PowerHungry – Experimental PowerShell tools for Penetration Testing / Red Teaming. Download: git clone https://github.com/linuz/PowerHungry.git Current scripts: Get-AllTrusts – Get-AllTrusts will list the trusts for the inputted or current domain/forest. Will also output...
Sherlock – PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. Currently looks for: MS10-015: User Mode to Ring (KiTrap0D); MS10-092: Task Scheduler; MS13-053: NTUserMessageCall Win32k Kernel...
DNS-Persist – DNS-Persist is a post-exploitation agent which uses DNS for command and control. The server-side code is in Python and the agent is coded in C++. This is the first...
PSSysmonTools – Sysmon Tools for PowerShell. Download: git clone https://github.com/mattifestation/PSSysmonTools.git Implemented functions: Get-SysmonConfiguration – Parses a Sysmon driver configuration from the registry. The output is nearly identical to that of “sysmon.exe -c” but...
DNSExfiltrator – Author: Arno0x0x – @Arno0x0x. DNSExfiltrator allows transferring (exfiltrating) a file over a DNS request covert channel. This is basically a data leak testing tool allowing one to exfiltrate data over...
3snake – dump sshd and sudo credential related strings. Targeting rooted servers, it reads memory from sshd and sudo system calls that handle password-based authentication. It doesn’t write any memory to the traced processes. Spawns a...
Misc-Powershell-Scripts – Download: git clone https://github.com/rvrsh3ll/Misc-Powershell-Scripts.git This project includes: Backdoor-ExcelAddIn.ps1 – Add a malicious add-in for persistence. Don’t forget to add your split base64-encoded shellcode in the Init function. Brute-Email.ps1 – Using a...
Harness – Interactive remote PowerShell payload. Harness is a remote access payload with the ability to provide a remote interactive PowerShell interface from a Windows system to virtually any TCP socket. The...
CredCrack is a fast and stealthy credential harvester. It exfiltrates credentials recursively in memory and in the clear. Upon completion, CredCrack will parse and output the credentials while identifying any...
The LaZagne Project – Description: The LaZagne project is back!!! LaZagne uses an internal Windows API called CryptUnprotectData to decrypt user passwords. This API should be called in the victim user’s session; otherwise, it...