CrackMapExec
It's a post-exploitation tool (e.g. Veil-Pillage, smbexec) It's meant to be the 'glue' between exploitation frameworks when pentesting Active Directory It's fully concurrent: you're able to connect, authenticate etc.. to multiple hosts at the same time It has an internal database which is used to store credentials and track users with Administrative privileges It's functionality is based on several other tools and libraries (a list of them are in the Github repo's README) It's opsec safe: everything is either run in memory, enumerated over the network using WinAPI calls or executed using built-in windows tools/features. Part 1, will cover the basics such as using credentials, dumping credentials, executing commands and using the
FEATURES
ALTERNATIVES
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
Preparation process for participating in the Pacific Rim CCDC 2015.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
Create a vulnerable active directory for testing various Active Directory attacks.
A next generation version of enum4linux with enhanced features for enumerating information from Windows and Samba systems.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.