CrackMapExec
It's a post-exploitation tool (e.g. Veil-Pillage, smbexec) It's meant to be the 'glue' between exploitation frameworks when pentesting Active Directory It's fully concurrent: you're able to connect, authenticate etc.. to multiple hosts at the same time It has an internal database which is used to store credentials and track users with Administrative privileges It's functionality is based on several other tools and libraries (a list of them are in the Github repo's README) It's opsec safe: everything is either run in memory, enumerated over the network using WinAPI calls or executed using built-in windows tools/features. Part 1, will cover the basics such as using credentials, dumping credentials, executing commands and using the
FEATURES
ALTERNATIVES
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
A DNS rebinding attack framework for security researchers and penetration testers.
Full-featured C2 framework for stealthy communication and control on web servers.
Generate a variety of suspect actions detected by Falco rulesets.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.