PyHook is the python implementation of my SharpHook project, It uses various API hooks in order to give us the desired credentials.
PyHook Uses frida to inject it’s dependencies into the target process
| Process | API Call | Description | Progress |
|---|---|---|---|
| mstsc | CredUnPackAuthenticationBufferW | Hooks CredUnPackAuthenticationBufferW from mstsc and outputs username and password | DONE |
| runas | CreateProcessWithLogonW | Hooks CreateProcessWithLogonW from runas and outputs username, password and a domain name. | DONE |
| PowerShell | CreateProcessWithLogonW | Hooks CreateProcessWithLogonW from PowerShell and outputs username, password and a domain name (e.g – Start-Process cmd -Credential X). | DONE |
| cmd | RtlInitUnicodeStringEx | Hooks RtlInitUnicodeStringEx from cmd and outputs data from specific filters (e.g – “-p”, “password” etc). | DONE |
| MobaXterm | CharUpperBuffA | Hooks CharUpperBuffA from MobaXterm and outputs credentials for RDP and SSH logins. | DONE |
| explorer (UAC Prompt) | CredUnPackAuthenticationBufferW | Hooks CredUnPackAuthenticationBufferW from explorer and outputs username, password and a domain name. | DONE |
Demo
The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…
Here are some tools that you can use for Social Media OSINT. In the ever-evolving…
Scoprite l'elenco completo delle distribuzioni di sistemi operativi per Windows, MacOS e Linux, specializzate in…
Social Analyzer - API, CLI, and Web App for analyzing & finding a person's profile…
cURL is a command line tool created in 1998 by Daniel Stenberg, a Swedish Developper/Programmer.Daniel Stenberg's…
bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. BeVigil…