ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution
ClickOnce is a Microsoft technology that enables the user to install and run a Windows-based smart client application by clicking a link in a web page. With a little bit of C# coding knowledge, a red teamer or penetration tester has yet another capability to add to their ethical hacker toolkit. What are the requirements for operational use? To get started with ClickOnce, we need to do our homework and get a few things prepared: For social engineering campaigns, Microsoft web browsers (Edge/Internet Explorer) are required to invoke the ClickOnce installer. Additionally, target organizations must have the appropriate version of .NET Framework installed to launch the respective payload.
FEATURES
SIMILAR TOOLS
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Emulates Docker HTTP API with event logging and AWS deployment script.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
A framework for exploiting Android-based devices and applications
A collection of resources for practicing penetration testing
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.