Transferring Files over ICMP in Restricted Network Environments
https://icyguider.github.io/2022/02/01/Transferring-Files-Over-ICMP.html
@NetPentesters
[ How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks ]
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
#ad
#acl
#ldap
#relay
@NetPentesters
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
Tool to scan user data with neural networks
Octopii is an AI based user information scanner that uses Tesseract's Optical Character Recognition (OCR) and MobileNet's Convolutional Neural Network (CNN) model.
Allows you to detect various forms of government IDs, passports, debit cards, driver's licenses, photographs, signatures, etc.
https://github.com/redhuntlabs/Octopii
#redteam #leak
@NetPentesters
GitHub
GitHub - redhuntlabs/Octopii: An AI-powered Personal Identifiable Information (PII) scanner.
An AI-powered Personal Identifiable Information (PII) scanner. - redhuntlabs/Octopii
Maximizing BloodHound with a simple suite of tools
A set of console utilities for working with BloodHound. Retrieve/update objects, mark objects as Owned/High Value Targets, delete objects, match shattered passwords (hashcat) with users, execute raw DB query...
https://github.com/knavesec/Max
#AD
#bloodhound
@NetPentesters
GitHub
GitHub - knavesec/Max: Maximizing BloodHound. Max is a good boy.
Maximizing BloodHound. Max is a good boy. Contribute to knavesec/Max development by creating an account on GitHub.
SMB Session Spoofing: create a fake SMB Session
https://securityonline.info/smb-session-spoofing-create-a-fake-smb-session/
#SMB
#spoofing
@NetPentesters
VLAN attacks toolkit
The author has nothing to do with those who will use this tool for personal purposes to destroy other people's computer networks. The tools are presented for training purposes to help engineers improve the security of their network.
https://github.com/necreas1ng/VLANPWN
#VLAN
@NetPentesters
Active-Directory-Purple-Teaming
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory System combined with Detection Engineering part of AD Attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
#ad
@NetPentesters
CVE-2022-26937
Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow
#exploit
@NetPentesters
Zero Day Initiative
Zero Day Initiative — CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Jason McFadyen of the Trend Micro Research Team detail a recently patched code execution vulnerability in the Microsoft Windows operating system. The bug…
DNS_Tunneling
DNS Tunneling using powershell to download and execute a payload. Works in CLM.
https://github.com/Octoberfest7/DNS_Tunneling
@NetPentesters
GitHub
GitHub - Octoberfest7/DNS_Tunneling: DNS Tunneling using powershell to download and execute a payload. Works in CLM.
DNS Tunneling using powershell to download and execute a payload. Works in CLM. - Octoberfest7/DNS_Tunneling
Cloud penetration testing
A curated list of cloud pentesting resources; contains AWS, Azure, Google Cloud
https://github.com/kh4sh3i/cloud-penetration-testing
#Cloud
@NetPentesters
GitHub
GitHub - kh4sh3i/cloud-penetration-testing: A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud - kh4sh3i/cloud-penetration-testing
Aced
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDs of the inbound permissions, and present that data to the operator.
Additionally, the logging features of pyldapsearch have been integrated with Aced to log the targeted principal's LDAP attributes locally which can then be parsed by pyldapsearch's companion tool BOFHound to ingest the collected data into BloodHound.
https://github.com/garrettfoster13/aced
#ad
#tools
@NetPentesters
MikroTik Cloud Hosted Router Universal Unpatchable Jailbreak
Universal "unpatchable" jailbreak for all MikroTik RouterOS versions:
1. Download Cloud Router VM image, boot it in your favourite hypervisor
2. Suspend / save to disk
3. Replace /nova/bin/login with /bin/sh in the saved memory image
4. Restore the running VM from the memory image
https://github.com/pedrib/PoC/blob/master/tools/mikrotik_jailbreak.py
#mikrotik
@NetPentesters
GitHub
PoC/tools/mikrotik_jailbreak.py at master · pedrib/PoC
Advisories, proof of concept files and exploits that have been made public by @pedrib. - pedrib/PoC
CVE-2022-26937
Windows Network File System Crash PoC
https://github.com/omair2084/CVE-2022-26937
#cve
@NetPentesters
GitHub
GitHub - omair2084/CVE-2022-26937: Windows Network File System Crash PoC
Windows Network File System Crash PoC. Contribute to omair2084/CVE-2022-26937 development by creating an account on GitHub.
This tool uses LDAP to check a domain for known abusable Kerberos delegation settings. Currently, it supports RBCD, Constrained, Constrained w/Protocol Transition, and Unconstrained Delegation checks.
Despite the name, I decided to add in a couple more features since the bulk of the code was already there. So now there is a get-spns command as well which can look for ASREP accounts or Kerberoastable SPNs.
https://github.com/IcebreakerSecurity/DelegationBOF
#tools
@NetPentesters
GitHub
GitHub - Crypt0s/DelegationBOF
Contribute to Crypt0s/DelegationBOF development by creating an account on GitHub.
Forwarded from PFK Git [ international ]
#pentest #bugbounty #recon
A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more
https://github.com/edoardottt/awesome-hacker-search-engines
@DK_HBB2
GitHub
GitHub - edoardottt/awesome-hacker-search-engines: A curated list of awesome search engines useful during Penetration testing,…
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more - edoardottt/awesome-hacker-search-engines
Garud
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
https://github.com/R0X4R/Garud
@NetPentesters
GitHub
GitHub - R0X4R/Garud: An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more…
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically. -...
Finding all things on-prem Microsoft for password spraying and enumeration.
The tool will use a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below:
https://github.com/puzzlepeaches/msprobe
@NetPentesters
GitHub
GitHub - puzzlepeaches/msprobe: Finding all things on-prem Microsoft for password spraying and enumeration.
Finding all things on-prem Microsoft for password spraying and enumeration. - puzzlepeaches/msprobe