0xsp-Mongoose v2.2.2 releases: Privilege Escalation Enumeration Toolkit

by do son · Published · Updated

0xsp Mongoose Linux Privilege Escalation intelligent Enumeration Toolkit

0xsp mongoose red version is provided to assist your needs during cyber security simulation, by using this version you will be able to audit a targeted windows operation system for system vulnerabilities, misconfigurations and privilege escalation attacks.

with node js support for web application API, it becomes much easier for installation and customization in timely manner, the windows sensor agent will communicate with application API to transfer results, and receive commands as bidirectional technique.

the agent is able to identify and detect windows exploits by using windows update api and exploit database definitions modules, the new release will detect also the following vulnerabilities.

  • CVE-2019-0836
  • CVE-2019-0841
  • CVE-2019-1064
  • CVE-2019-1130
  • CVE-2019-1253
  • CVE-2019-1385
  • CVE-2019-1388
  • CVE-2019-1405
  • CVE-2019-1315
  • CVE-2020-0787
  • CVE-2020-0796
  • CVE-2020-0797

Privilege Escalation Enumeration Toolkit

Features

  • web application built with NodeJS
  • supports sqlite DB
  • Lateral movements techniques.
  • Bidirectional communication channel. video
  • Plugins online packaging.
  • Enhanced exploit detecter scripting engine.
  • the weaponization of run-as-user windows api function.
  • local network scanning and shares enumeration.
  • lsass memory dumping technique (plugin).

Changelog v2.2.2

  • support nightmare spooler scanner
  • major bug fixes and improvement

Installation & Usage

Demo

Copyright (C) 2019 lawrenceamer

Tags: Privilege Escalation Enumeration Toolkit