DDE attack with PowerShell Empire
The DDE attack with PowerShell Empire allows for weaponizing a Word document with a PowerShell Empire-based payload, leveraging the Microsoft DDE exploit to execute code in MS Word and other Microsoft products. For more information, refer to the original research at: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ To execute this attack, ensure you have set up an Empire listener.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A digital archive of the internet, allowing users to capture and browse archived web pages.
A suite of tools for Wi-Fi network security assessment and penetration testing.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
Interactive online malware sandbox for real-time analysis and threat intelligence
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
SharpEDRChecker scans system components to detect security products and tools.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.