PowerShx : Run Powershell Without Software Restrictions

PowerShx is a rewrite and expansion of the PowerShdll project. PowerShx provides functionality for bypassing AMSI and running PS Cmdlets. Features: Run Powershell with DLLs using rundll32.exe, installutil.exe, regsvcs.exe or regasm.exe, regsvr32.exe. Run Powershell without powershell.exe or powershell_ise.exe. AMSI Bypass features. Run Powershell scripts directly from the command line or Powershell files. Import Powershell modules and execute Powershell Cmdlets. Usage: .dll version: rundll32: rundll32 PowerShx.dll,main -e; rundll32 PowerShx.dll,main -f Run the script...

5 Essential Recovery Steps after a Trojan Horse Virus Attack

The best form of defense against a Trojan horse attack is prevention. Always ensure that the emails, websites, and links you open are authentic because a Trojan employs deceit to get into your system. It’s similar to the giant wooden Trojan horse that secretly carried Greek soldiers. When the people of Troy took the seemingly innocuous-looking horse into their...

Viper : Intranet Pentesting Tool With Webui

Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of intranet penetration. Viper integrates basic functions such as bypass anti-virus software, intranet tunnel, file management, command line and so on. Viper has integrated 80+ modules, covering Resource Development / Initial Access / Execution / Persistence / Privilege Escalation / Defense...

Attack-Surface-Framework : Tool To Discover External And Internal Network Attack Surface

Attack-Surface-Framework aims to protect organizations by acting as an attack surface watchdog. Given an “Object”, which might be a domain, IP address or CIDR (internal or external), ASF will discover assets/subdomains, enumerate their ports and services, track deltas and serve as a continuous and flexible attacking and alerting framework, leveraging an additional layer of support against 0 day vulnerabilities with...

SpoolSploit : A Collection Of Windows Print Spooler Exploits

SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access. Getting Started: As of the release date, the SpoolSploit Docker container has been tested successfully on the latest versions of MacOS, Ubuntu...

PKINITtools : Tools For Kerberos PKINIT And Relaying To AD CS

The PKINITtools repository contains some utilities for playing with PKINIT and certificates. The tools are built on minikerberos and impacket. Accompanying blogpost with more context: https://dirkjanm.io/ntlm-relaying-to-ad-certificate-services/ Installation: These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to go: git clone https://github.com/dirkjanm/PKINITtools; pip3 install impacket minikerberos. Using a virtualenv for this is recommended. Tools: gettgtpkinit.py: Request a TGT using a PFX file,...

Smersh : A Pentest Oriented Collaborative Tool

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions and generate reports. Documentation: All information is available at the following address: https://docs.smersh.app How to contribute? Just fork the repository, then create a branch, work, push your content and create a PR: git checkout -b MyBranch; git add -p; git commit -m "xx"; git push origin MyBranch

Scrummage : The Ultimate OSINT And Threat Hunting Framework

Scrummage is an OSINT tool that centralises search functionality from powerful, yet simple OSINT sites. This project draws inspiration mainly from two other projects: the Scumblr project, which, while now deprecated, inspired this concept; and the OSINT Framework project, which is a visualisation tool depicting a range of sites that can be used to search for a variety of things. While at first glance the...

pFuzz : Helps Us To Bypass Web Application Firewall By Using Different Methods At The Same Time

pFuzz is an advanced red teaming fuzzing tool which we developed for our research. It helps us to bypass web application firewall by using different methods at the same time. pFuzz is an advanced fuzzing tool that we developed for web application research. It was developed to speed up the process of trying various attack methods against different security applications. Description: pFuzz is a tool developed in the...

Guide to Relational Databases

Databases have been used by various organizations to solve business problems for a very long time. In the early days, databases were simply flat files. However, this approach made it difficult to search for information or generate specific reports from a set of fields. To resolve these concerns, a relational...