A more advanced free and open .NET obfuscator using dnlib.
https://github.com/AnErrupTion/LoGiC.NET
#dotnet #obfuscation
https://github.com/AnErrupTion/LoGiC.NET
#dotnet #obfuscation
GitHub
GitHub - AnErrupTion/LoGiC.NET: A free and open-source .NET obfuscator using dnlib.
A free and open-source .NET obfuscator using dnlib. - AnErrupTion/LoGiC.NET
California health smart card now accessible (vaccination record)
https://github.com/dxa4481/SmartHealthCardViewer
#California #health_record
https://github.com/dxa4481/SmartHealthCardViewer
#California #health_record
GitHub
GitHub - dxa4481/SmartHealthCardViewer: Smart Health Card Viewer, view your California Smart Health Card Vaccination record
Smart Health Card Viewer, view your California Smart Health Card Vaccination record - GitHub - dxa4481/SmartHealthCardViewer: Smart Health Card Viewer, view your California Smart Health Card Vaccin...
9 Post-Exploitation Tools for Your Next Penetration Test
»>https://labs.bishopfox.com/industry-blog/9-post-exploitation-tools-for-your-next-penetration-test?utm_campaign=2021_Posts_Blog_Industry&utm_content=173153971&utm_medium=social&utm_source=linkedin&hss_channel=lcp-232312
GhostPack
https://github.com/GhostPack
Mimikatz
https://github.com/gentilkiwi/mimikatz
Metasploit
https://www.metasploit.com/
PowerHub
https://github.com/AdrianVollmer/PowerHub
LOLBAS and LLOLBAS
https://github.com/LOLBAS-Project/LOLBAS
https://github.com/AZSERG/LLOLBAS
PHPSploit
https://github.com/nil0x42/phpsploit
swap_digger
https://github.com/sevagas/swap_digger
Bashark
https://github.com/redcode-labs/Bashark
BeRoot Project
https://github.com/AlessandroZ/BeRoot
»>https://labs.bishopfox.com/industry-blog/9-post-exploitation-tools-for-your-next-penetration-test?utm_campaign=2021_Posts_Blog_Industry&utm_content=173153971&utm_medium=social&utm_source=linkedin&hss_channel=lcp-232312
GhostPack
https://github.com/GhostPack
Mimikatz
https://github.com/gentilkiwi/mimikatz
Metasploit
https://www.metasploit.com/
PowerHub
https://github.com/AdrianVollmer/PowerHub
LOLBAS and LLOLBAS
https://github.com/LOLBAS-Project/LOLBAS
https://github.com/AZSERG/LLOLBAS
PHPSploit
https://github.com/nil0x42/phpsploit
swap_digger
https://github.com/sevagas/swap_digger
Bashark
https://github.com/redcode-labs/Bashark
BeRoot Project
https://github.com/AlessandroZ/BeRoot
Bishopfox
9 Post-Exploitation Tools for Your Next Penetration Test
Nine tools we’ve found useful for our post-exploitation efforts including GhostPack, Metasploit, PowerHub, LOLBAS, Mimikatz, PHPSploit, and more.
Meet Pickle
Post-exploitation and lateral movements framework
===================================
https://picklec2.readthedocs.io/en/latest/Usage.html
PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements. it has the ability to import your own PowerShell module for Post-Exploitation and Lateral Movement or automate the process.
#redteaming #pentesting #postexploit #lateralmovement #cybersecurity #framework
Post-exploitation and lateral movements framework
===================================
https://picklec2.readthedocs.io/en/latest/Usage.html
PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements. it has the ability to import your own PowerShell module for Post-Exploitation and Lateral Movement or automate the process.
#redteaming #pentesting #postexploit #lateralmovement #cybersecurity #framework
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
https://twitter.com/_batsec_/status/1421140725815709698
https://github.com/bats3c/ADCSPwn
https://twitter.com/_batsec_/status/1421140725815709698
https://github.com/bats3c/ADCSPwn
Twitter
batsec
I'm releasing my tool to exploit AD CS relaying. It will automate most the steps required for both local and domain privilege escalation. The images below show how it can be used to get a beacon as system on a domain controller.
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
ابزاری مشابه سری ابزارهای pstools
https://github.com/0xthirteen/SharpRDP
ابزاری مشابه سری ابزارهای pstools
https://github.com/0xthirteen/SharpRDP
GitHub
GitHub - 0xthirteen/SharpRDP: Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution - 0xthirteen/SharpRDP
Universal Privilege Escalation and Persistence – Printer
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
Penetration Testing Lab
Universal Privilege Escalation and Persistence – Printer
The Print Spooler is responsible to manage and process printer jobs. It runs as a service with SYSTEM level privileges on windows environments. Abuse of the Print Spooler service is not new and suc…
ساخت object های مختلف در اکیتو دایرکتوری برای تبدیل ماشین مجازی به محیط تست اکتیو دایرکتوری توسط ماژول های پاورشل badblood
https://github.com/davidprowe/BadBlood
#badblood #LAB #Activedirectory
https://github.com/davidprowe/BadBlood
#badblood #LAB #Activedirectory
GitHub
GitHub - davidprowe/BadBlood: BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure…
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world....
Selection blackhat Tools
https://therecord.media/security-tools-showcased-at-black-hat-usa-2021/amp/?__twitter_impression=true
#blackhat
https://therecord.media/security-tools-showcased-at-black-hat-usa-2021/amp/?__twitter_impression=true
#blackhat
The Record by Recorded Future
Security tools showcased at Black Hat USA 2021
While everyone associates the Black Hat security conference with high-profile keynotes and state-of-the-art cybersecurity research, ever since the 2017 edition, the conference has also been the place where the cybersecurity community has also announced and…
Tool to bypass LSA Protection (aka Protected Process Light)
https://github.com/RedCursorSecurityConsulting/PPLKiller
#post_exploit
https://github.com/RedCursorSecurityConsulting/PPLKiller
#post_exploit
GitHub
GitHub - RedCursorSecurityConsulting/PPLKiller: Tool to bypass LSA Protection (aka Protected Process Light)
Tool to bypass LSA Protection (aka Protected Process Light) - RedCursorSecurityConsulting/PPLKiller
PowerSharpPack
Many usefull offensive CSharp Projects wraped into Powershell for easy usage.
https://github.com/S3cur3Th1sSh1t/PowerSharpPack
#powershell #post_exploit
Many usefull offensive CSharp Projects wraped into Powershell for easy usage.
https://github.com/S3cur3Th1sSh1t/PowerSharpPack
#powershell #post_exploit
GitHub
GitHub - S3cur3Th1sSh1t/PowerSharpPack
Contribute to S3cur3Th1sSh1t/PowerSharpPack development by creating an account on GitHub.
fibratus
A modern tool for the Windows kernel exploration and tracing
https://github.com/rabbitstack/fibratus
A modern tool for the Windows kernel exploration and tracing
https://github.com/rabbitstack/fibratus
GitHub
GitHub - rabbitstack/fibratus: Adversary tradecraft detection, protection, and hunting
Adversary tradecraft detection, protection, and hunting - GitHub - rabbitstack/fibratus: Adversary tradecraft detection, protection, and hunting
smb2os
Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
https://github.com/w1u0u1/smb2os
Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
https://github.com/w1u0u1/smb2os
GitHub
GitHub - w1u0u1/smb2os: Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019 - w1u0u1/smb2os
unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
https://github.com/last-byte/unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
https://github.com/last-byte/unDefender
XSTREAM 1.4.17 includes (CVE-2021-39141、CVE-2021-39144、CVE-2021-39150、CVE-2021-39152)
https://github.com/zwjjustdoit/Xstream-1.4.17
#Exploit
https://github.com/zwjjustdoit/Xstream-1.4.17
#Exploit
GitHub
GitHub - zwjjustdoit/Xstream-1.4.17: XSTREAM<=1.4.17漏洞复现(CVE-2021-39141、CVE-2021-39144、CVE-2021-39150)
XSTREAM<=1.4.17漏洞复现(CVE-2021-39141、CVE-2021-39144、CVE-2021-39150) - zwjjustdoit/Xstream-1.4.17
medusa honeypot for (ssh, telnet, http or other tcp servers)
https://github.com/evilsocket/medusa
#honeypot
https://github.com/evilsocket/medusa
#honeypot
GitHub
GitHub - evilsocket/medusa: A fast and secure multi protocol honeypot.
A fast and secure multi protocol honeypot. Contribute to evilsocket/medusa development by creating an account on GitHub.
Sliver agent for Linux with very low detection rate
https://github.com/BishopFox/sliver
Total link:
https://www.virustotal.com/gui/file/b17e26ce72362caaa1b22d98b384587a8363dc421061db96b897b91a014466a1/community
Rule
https://valhalla.nextron-systems.com/info/rule/MAL_GOLANG_Sliver_Implant
credit:https://twitter.com/cyb3rops/status/1431521109971722241?s=20
https://github.com/BishopFox/sliver
Total link:
https://www.virustotal.com/gui/file/b17e26ce72362caaa1b22d98b384587a8363dc421061db96b897b91a014466a1/community
Rule
https://valhalla.nextron-systems.com/info/rule/MAL_GOLANG_Sliver_Implant
credit:https://twitter.com/cyb3rops/status/1431521109971722241?s=20
GitHub
GitHub - BishopFox/sliver: Adversary Emulation Framework
Adversary Emulation Framework. Contribute to BishopFox/sliver development by creating an account on GitHub.