CRACKMAPEXEC V5.2.2dev – A swiss army knife for pentesting networks
CRACKMAPEXEC
CrackMapExec (a.k.a. CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: it abuses built-in Active Directory features and protocols to achieve its functionality, which allows it to evade most endpoint protection/IDS/IPS solutions.
CME makes heavy use of the Impacket library (developed by @asolino) and the PowerSploit Toolkit (developed by @mattifestation) for working with network protocols and performing a variety of post-exploitation techniques.
Although meant to be used primarily for offensive purposes (e.g. red teams), CME can be used by blue teams as well to assess account privileges, find possible misconfigurations, and simulate attack scenarios.
CrackMapExec is developed by @byt3bl33d3r
This repository contains the following repositories as submodules:
- Impacket
- Pywinrm
- Pywerview
- PowerSploit
- Invoke-Obfuscation
- Invoke-Vnc
- Mimikittenz
- NetRipper
- RandomPS-Scripts
- SessionGopher
- Mimipenguin
Changelog v5.2.2dev
💫 Features 💫
- Add module nanodump
- Add module handleKatz
- Bump module LSASSY to version 3 thanks to @Hackndo
- Add timeout to avoid CTRL-C situation
- Improve LDAP output
- No more sudo needed to exec command
- Integration of bloodhound
- New core option --laps to exec code on all machines even if laps is used
- Improve NULL session option
- Add module adcs to exploit ADCS attack thanks to and
- Add module MS17-010
- Add module zerologon
- Add module noPAC
- Add module petitPotam
- Add module ioxidresolver
🔧 Issues 🔧
Demo
Using the empire_exec module in CrackMapExec v4.0
Using the met_inject module in CrackMapExec v4.0
Copyright (c) 2020, byt3bl33d3r
Source: https://github.com/byt3bl33d3r/