CRACKMAPEXEC V5.2.2dev – A swiss army knife for pentesting networks

CRACKMAPEXEC

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.

CME makes heavy use of the Impacket library (developed by @asolino) and the PowerSploit Toolkit (developed by @mattifestation) for working with network protocols and performing a variety of post-exploitation techniques.

Although meant to be used primarily for offensive purposes (e.g. red teams), CME can be used by blue teams as well to assess account privileges, find possible misconfiguration, and simulate attack scenarios.

CrackMapExec is developed by @byt3bl33d3r

This repository contains the following repositories as submodules:

• Impacket
• Pywinrm
• Pywerview
• PowerSploit
• Invoke-Obfuscation
• Invoke-Vnc
• Mimikittenz
• NetRipper
• RandomPS-Scripts
• SessionGopher
• Mimipenguin

Changelog v5.2.2dev

💫 Features 💫

• Add module nanodump
• Add module handleKatz
• Bump module LSASSY to version 3 thanks to @Hackndo
• Add timeout to avoid CTRL-C situation
• Improve LDAP output
• No more sudo needed to exec command
• Integration of bloodhound
• New core option --laps to exec code on all machines even if laps is used
• Improve NULL session option
• Add module adcs to exploit ADCS attack thanks to and ​
• Add module MS17-010
• Add module zerologon ​
• Add module noPAC
• Add module petitPotam
• Add module ioxidresolver ​

🔧 Issues 🔧

Download & Tutorial

Demo

Using the empire_exec module in CrackMapExec v4.0

Using the met_inject module in CrackMapExec v4.0

Copyright (c) 2020, byt3bl33d3r

Source: https://github.com/byt3bl33d3r/