CrackMapExec Logo

CrackMapExec

0
Free
Visit Website

It's a post-exploitation tool (e.g. Veil-Pillage, smbexec) It's meant to be the 'glue' between exploitation frameworks when pentesting Active Directory It's fully concurrent: you're able to connect, authenticate etc.. to multiple hosts at the same time It has an internal database which is used to store credentials and track users with Administrative privileges It's functionality is based on several other tools and libraries (a list of them are in the Github repo's README) It's opsec safe: everything is either run in memory, enumerated over the network using WinAPI calls or executed using built-in windows tools/features. Part 1, will cover the basics such as using credentials, dumping credentials, executing commands and using the

FEATURES

ALTERNATIVES

Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.

Cutting-edge open-source security tools for adversary simulation and threat hunting.

CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.

A digital archive of the internet, allowing users to capture and browse archived web pages.

Data exfiltration & infiltration tool using text-based steganography to evade security controls.

A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks

Stealing Signatures and Making One Invalid Signature at a Time.

A set of YARA rules for identifying files containing sensitive information

PINNED