DDE attack with PowerShell Empire Logo

DDE attack with PowerShell Empire

0
Free
Offensive Security
powershell
empire
microsoft
payload
attack-vector
Visit Website

The DDE attack with PowerShell Empire allows for weaponizing a Word document with a PowerShell Empire-based payload, leveraging the Microsoft DDE exploit to execute code in MS Word and other Microsoft products. For more information, refer to the original research at: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ To execute this attack, ensure you have set up an Empire listener.

FEATURES

ALTERNATIVES

SmashTheStack Wargaming Network Logo
SmashTheStack Wargaming Network

A wargaming network for penetration testers to practice their skills in a realistic environment.

Free
Offensive Security
PenTesters Framework (PTF) Logo
PenTesters Framework (PTF)

A Python script for creating a cohesive and up-to-date penetration testing framework.

Free
Offensive Security
Redirect.rules Logo
Redirect.rules

A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.

Free
Offensive Security
Ruler Logo
Ruler

A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.

Free
Offensive Security
httprebind Logo
httprebind

Automatic tool for DNS rebinding-based SSRF attacks

Free
Offensive Security
Chaos Client Logo
Chaos Client

A Go client to communicate with Chaos DB API

Free
Offensive Security
XSpear Logo
XSpear

A powerful XSS scanning and parameter analysis tool

Free
Offensive Security
Metasploit Framework Logo
Metasploit Framework

A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.

Free
Offensive Security

PINNED

InfoSecHired Logo

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial
Resources
Fabric Platform by BlackStork Logo

Fabric Platform by BlackStork

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

Free
Security Operations
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.

Free
Blogs and News
System Two Security Logo

System Two Security

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Commercial
Security Operations
Aikido Security Logo

Aikido Security

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Commercial
Application Security
Permiso Logo

Permiso

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial
IAM
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2025 - All rights reserved

LINKS
Blog
LEGAL
Terms of servicesPrivacy policy