"This script is intended to mitigate Print Spooler attacks (specifically PrintNightmare CVE-2021-34527) by disabling the Spooler service where it is not needed (non-Print Server servers & DCs)."
https://github.com/jokezone/PowerShell-Scripts/blob/main/Configure-PrintSpooler.ps1#powershell
#blueteam #mitigation #printnightmare
Autoharness
AutoHarness is a tool that automatically generates fuzzing harnesses for you.
https://github.com/parikhakshat/autoharness/releases/tag/1.0
#autoharness #harness #fuzzing
Release AutoHarness (v1.0) · parikhakshat/autoharness
Initial Release of AutoHarness
- added executable to shared object functionality
- added automatic header detection or function reconstruction
- added automatic fuzzing harness creation for one argume...
#Keyhacks is a repository which shows quick ways in which #API keys leaked by a bug bounty program can be checked to see if they're valid.
https://github.com/streaak/keyhacks
#GitDump A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
https://github.com/Ebryx/GitDump
Cariddi
Take a list of domains, #crawl urls and #scan for endpoints, secrets, api keys, file extensions, tokens and more...
https://github.com/edoardottt/cariddi
#API #Crawler #information_extraction #API_Scraper #informationGathering
sx is the command-line network scanner designed to follow the UNIX philosophy.
https://github.com/v-byte-cpu/sx/releases/tag/v0.4.0
#Scanner #cli #SX #go #docker
Release v0.4.0 · v-byte-cpu/sx
Changelog
29ca59d feature: vpn support (#94)
DcRat C# source code
https://github.com/qwqdanchun/DcRat/releases/tag/v1.0.7
https://github.com/qwqdanchun/DcRat
#RAT #opensource
Release v1.0.7 · qwqdanchun/DcRat
Add some fun function
Add reg edit
fix password recovery
add normal startup control
fix remote screen not working when using donut to turn it into shellcode and inject
PowerShellArmoury
https://github.com/cfalta/PowerShellArmoury/releases/tag/1.5
#AMSI #bypassAV #PostExploit
Release PSArmoury 1.5 · cfalta/PowerShellArmoury
[new] new json config - WARNING: BREAKING CHANGE! - old config formats will no longer work. Have a look at the README.
[new] New-PSArmoury will now run a config syntax check by default (like -Valid...
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.
https://github.com/dirsoooo/Recon/releases/tag/v1.0
#recon #informationgathering #enumeration #scanning
MANSPIDER will crawl every share on every target system. If the provided creds don't work, it will fall back to "guest", then to a null session.
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
https://github.com/blacklanternsecurity/MANSPIDER
#MANSPIDER #SMB #scrabbing
Injector
Complete Arsenal of Memory injection and other techniques for red-teaming in Windows
https://github.com/0xDivyanshu/Injector
#bypassAV #injector
Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
https://github.com/eladshamir/Whisker
#postexploit #Whisker #Activedirectory #shadowcredential
rconn
rconn is a multiplatform program for creating generic reverse connections. It lets you consume services that are behind a firewall or NAT without opening ports or port-forwarding.
https://github.com/jafarlihi/rconn
#rconn #postexploit #portforwarding
Nebula
Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation and post-exploitation on AWS, with work still ongoing to allow testing other Cloud Providers and DevOps Components.
https://github.com/gl4ssesbo1/Nebula/releases/tag/latest
#reconnaissance #enumeration #exploitation #postexploit #AWS
Release Nebula v2.0 Release · gl4ssesbo1/Nebula
STS AssumeRoleWithWebIdentity
Reconnaissance crt.sh
TCP Reverse Shell (Draft)
Reverse Shell check_env that checks the environment of the victim system
Updated getuid that checks IAM:GetUser, IAM:Li...
ARTIF
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.
Threat Detection
Logging and Monitoring
User profiling
Alerting automation
https://github.com/CRED-CLUB/ARTIF/releases/tag/1.0
#blueteam #TI #ARTIF
A powerful Bluetooth scanner
BR devices
LE devices
BR LMP features
LE LL features
SMP Pairing features
Real-time advertising physical channel PDU
SDP services
GATT services
Vulnerabilities (demo)
https://github.com/fO-000/bluescan/releases/tag/v0.6.5
#IoT #BLE #scanner
Release v0.6.5 · fO-000/bluescan
Simply supported retrieving the HIDDescriptorList attribute
BoomBox
Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
BoomBox is designed for malware analysts and incident responders. It allows for the rapid deployment of a dynamic malware analysis environment using Cuckoo Sandbox and a Windows 10 detonation chamber. Cuckoo is configured to use the physical machinery so that both Cuckoo and the Windows sandbox can be virtual machines on a single host.
https://github.com/nbeede/BoomBox/releases/tag/v1.0
#cuckoo #sandbox #malwareanalysis
Release Initial Release · nbeede/BoomBox
VirtualBox provider support
Windows 10 sandbox
Linux/macOS/Windows supported platforms
Blue Pigeon is a Bluetooth-based data exfiltration and proxy tool to enable communication between a remote Command and Control (C2) server and a compromised host.
https://github.com/BluePigeonProject/blue-pigeon#the-pigeons-key-requirements
#Bluetooth #exfiltration #c2
BruteShark
Network Analysis Tool
We need to extract credentials from a PCAP after sniffing!
Extracting and encoding usernames and passwords (HTTP, FTP, Telnet, IMAP, SMTP...)
Extract authentication hashes and crack them using Hashcat (Kerberos, NTLM, CRAM-MD5, HTTP-Digest...)
Build visual network diagram (Network nodes & users)
Extract DNS queries
Reconstruct all TCP & UDP Sessions
File Carving
Extract VoIP calls (SIP, RTP)
https://github.com/odedshimon/BruteShark/releases/tag/v1.2.2
Similar tools:
1) Xplico (free)
2) Netwitness (commercial, maybe crack!)
https://github.com/xplico/xplico/releases/tag/v.1.2.2
https://www.netwitness.com/
#scrabbling #postExploit
Release Improved Kerberos Hashes Parsing · odedshimon/BruteShark
Fix a bug that caused Kerberos hashes over TCP not to be extracted due to a lack of proper parsing of the "Record mark" section (see issue #90)
Implement Kerberos TGS-REP Etype 17...
SpoolSploit
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
https://github.com/BeetleChunks/SpoolSploit
#printnightmare #printspooler #scanner #autoexploit #python
PingCastle
It quickly collects the most important information about the Active Directory to establish an overview of it. Based on a model and rules, it evaluates the score of the sub-processes of the Active Directory. Then, based on this evaluation, it reports the risk evaluation of it.
https://www.pingcastle.com/download/
#activedirectory #pingcastle #risk #windows