AutoRDPwn : The Shadow Attack Framework

AutoRDPwn is a post-exploitation framework created in PowerShell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (catalogued as a feature by Microsoft) allows a remote attacker to view a victim’s desktop without their consent, and even control it on demand, using tools native to the operating system itself. Thanks to …

ActiveReign : A Network Enumeration & Attack Toolset

ActiveReign is a network enumeration and attack toolset. A while back I was challenged to write a discovery tool in Python 3 that could automate the process of finding sensitive information on network file shares. After writing the entire tool with pysmb, and adding features such as the ability to open and scan docx and xlsx files. …
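The "open and scan docx and xlsx files" feature is the interesting part of a share-discovery tool, because Office Open XML documents are zip containers whose visible text sits in a couple of well-known XML parts. The following is an added example (not ActiveReign's own code) that pulls that text out with only the standard library and runs a few illustrative sensitive-data patterns over it; the pattern list, the part names and the two constructed sample documents are assumptions made for the example, and a real tool would fetch the bytes from the share with pysmb instead.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

# Illustrative patterns a share-discovery tool might hunt for (assumption, not ActiveReign's list).
PATTERNS = {
    "password": re.compile(r"\bpassword\s*[:=]\s*\S+", re.I),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
}

# Office Open XML parts that carry user-visible text.
TEXT_PARTS = {
    ".docx": ["word/document.xml"],
    ".xlsx": ["xl/sharedStrings.xml"],  # worksheet cells reference these strings by index
}

def extract_text(data: bytes, ext: str) -> str:
    """Pull visible text out of .docx/.xlsx bytes without any Office library."""
    parts = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in TEXT_PARTS[ext]:
            if name not in z.namelist():
                continue
            root = ET.fromstring(z.read(name))
            # Both formats wrap text runs in <t> elements (w:t / ss:t); ignore the namespace.
            for el in root.iter():
                if el.tag.endswith("}t") and el.text:
                    parts.append(el.text)
    return " ".join(parts)

def scan(data: bytes, ext: str) -> dict:
    """Return {label: [matches]} for every pattern that fires on the document text."""
    text = extract_text(data, ext)
    return {label: rx.findall(text) for label, rx in PATTERNS.items() if rx.search(text)}

# Constructed sample documents: minimal zip containers built in memory, not files from a real share.
def make_docx(text: str) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr(
            "word/document.xml",
            '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
            f"<w:body><w:p><w:r><w:t>{text}</w:t></w:r></w:p></w:body></w:document>",
        )
    return buf.getvalue()

def make_xlsx(strings) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        body = "".join(f"<si><t>{s}</t></si>" for s in strings)
        z.writestr(
            "xl/sharedStrings.xml",
            '<sst xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main">'
            f"{body}</sst>",
        )
    return buf.getvalue()

SAMPLE_DOCX = make_docx("Build server password: Winter2024!")
SAMPLE_XLSX = make_xlsx(["Service account", "AKIAABCDEFGHIJKLMNOP", "notes"])
CLEAN_DOCX = make_docx("Quarterly meeting agenda")
```

`scan(SAMPLE_DOCX, ".docx")` reports the password line and `scan(SAMPLE_XLSX, ".xlsx")` the AWS key, while the clean document yields an empty dict. Reading only `sharedStrings.xml` misses numbers and inline strings in xlsx cells, so a production scanner should also walk `xl/worksheets/*.xml`.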

Unicorn – Downgrade Attack & Inject Shellcode Straight into Memory

Unicorn is a simple tool for using a PowerShell downgrade attack to inject shellcode straight into memory. It is based on Matthew Graeber’s PowerShell attacks and on the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at DEF CON 18. Usage is simple: just run Magic Unicorn (ensure Metasploit is installed if using the Metasploit methods …
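The downgrade half of this attack leaves a clear trace: when the PowerShell 2.0 engine is started by a modern host, the classic "Windows PowerShell" log records Event ID 400 with an EngineVersion of 2.0 but a HostVersion of 5.x. The following is an added detection example (not part of Unicorn or of the original page) that parses that field block from constructed event records and flags the mismatch; the sample records are made up for the example and the field parsing assumes the standard Details layout of Event 400.

```python
import re

# Constructed sample records from the "Windows PowerShell" classic event log
# (Event ID 400, "Engine state is changed from None to Available"); illustrative only.
SAMPLE_EVENTS = [
    {"EventID": 400, "Message": (
        "Engine state is changed from None to Available.\n\nDetails:\n"
        "\tHostName=ConsoleHost\n"
        "\tHostVersion=5.1.19041.1\n"
        "\tEngineVersion=5.1.19041.1\n"
        "\tHostApplication=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\n")},
    {"EventID": 400, "Message": (
        "Engine state is changed from None to Available.\n\nDetails:\n"
        "\tHostName=ConsoleHost\n"
        "\tHostVersion=5.1.19041.1\n"
        "\tEngineVersion=2.0\n"
        "\tHostApplication=powershell.exe -version 2 -NoProfile -WindowStyle Hidden\n")},
    {"EventID": 403, "Message": "Engine state is changed from Available to Stopped.\n"},
]

# One "Name=value" line per field in the Details block.
FIELD = re.compile(r"^\s*(HostVersion|EngineVersion|HostApplication)=(.*)$", re.M)

def parse_fields(message: str) -> dict:
    """Return the Details fields we care about as a dict."""
    return dict(FIELD.findall(message))

def is_downgrade(fields: dict) -> bool:
    """True when a 2.x engine was loaded by a newer host: the -version 2 downgrade pattern."""
    engine = fields.get("EngineVersion", "")
    host = fields.get("HostVersion", "")
    return engine.startswith("2.") and not host.startswith("2.")

def find_downgrades(events) -> list:
    """HostApplication command lines of every downgrade found among Event ID 400 records."""
    hits = []
    for ev in events:
        if ev["EventID"] != 400:
            continue
        fields = parse_fields(ev["Message"])
        if is_downgrade(fields):
            hits.append(fields.get("HostApplication", ""))
    return hits
```

A host where both versions are 2.0 is simply an old installation, not a downgrade, so the check compares the two fields rather than matching on EngineVersion alone. The durable fix is to remove the optional PowerShell 2.0 engine feature from the endpoints, which makes `-version 2` fail outright.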

SQLMAP – Enumeration of Databases & Users from Vulnerable Web Forms

Sqlmap is a database assessment tool that pentesters and security researchers can use to enumerate databases of various types. Sqlmap automates normal and advanced SQL injection techniques and runs them against an ordinary web form. Refer to the article on Introduction to SQLMAP to get started. The following lab sessions are a continuation of the previous …

OverThruster – HID Attack Payload Generator For Arduinos

OverThruster is a tool to generate sketches for Arduinos used as HID attack devices. It was designed around devices with the ATmega32U4 chip, like the CJMCU-BEETLE, or the new LilyGo “BadUSB” devices popping up on eBay and AliExpress that look like USB sticks but contain an Arduino. I wrote this because the few other …

Online Password Bruteforce with Hydra-GTK

Hydra (better known as “thc-hydra”) is an online password attack tool. It brute-forces credential combinations against live services such as telnet, ssh, http, https, smb, snmp, smtp, etc. Hydra supports 30+ protocols, including their SSL-enabled variants. It brute-forces the services we specify using user lists and wordlists. Hydra works in 4 modes: Pentesters use …

Evilginx – MITM Attack Framework For Phishing Credentials & Session Cookies

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. Its core runs on the Nginx HTTP server, which uses proxy_pass and sub_filter to proxy and modify HTTP content while intercepting traffic between client and server. Installing Evilginx. Evilginx provides an installation script, install.sh, that takes care of installing …

Reaver + PixieWPS – Tool to Bruteforce the WPS of a WiFi Router

Reaver is a tool to brute-force the WPS PIN of a WiFi router. PixieWPS is a newer tool that brute-forces offline the nonces (E-S1/E-S2) exchanged during a WPS transaction when the AP generated them weakly, the so-called pixie-dust attack. First, let’s get to know what WPS is. WPS is Wi-Fi Protected Setup, designed to quickly and easily authenticate a client to an AP, mainly aimed at home users. …
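The reason an online brute force of the WPS PIN is practical at all is the PIN's structure: eight digits, the last of which is a checksum, and a registrar exchange that confirms the first four digits (message M4) separately from the last four (message M6). That cuts the search from 10^7 candidates to at most 10,000 + 1,000 tries. The following is an added example (not Reaver's code and not part of the original page) that implements the checksum, models the split verification with a constructed mock registrar, and recovers a PIN the way Reaver's online attack does; the mock registrar and its attempt counter are assumptions made for the example.

```python
def wps_pin_checksum(pin7: int) -> int:
    """Checksum digit that turns a 7-digit value into a valid 8-digit WPS PIN."""
    accum = 0
    while pin7:
        accum += 3 * (pin7 % 10)
        pin7 //= 10
        accum += pin7 % 10
        pin7 //= 10
    return (10 - accum % 10) % 10

def is_valid_wps_pin(pin: str) -> bool:
    return len(pin) == 8 and pin.isdigit() and int(pin[7]) == wps_pin_checksum(int(pin[:7]))

class MockRegistrar:
    """Constructed stand-in for the AP's WPS registrar (assumption for this example).
    A real AP proves knowledge of the first PIN half in M4 and of the second half in
    M6, so an attacker learns whether each half is right independently."""
    def __init__(self, pin: str):
        assert is_valid_wps_pin(pin)
        self._pin = pin
        self.attempts = 0

    def first_half_ok(self, first4: str) -> bool:
        self.attempts += 1
        return first4 == self._pin[:4]

    def second_half_ok(self, first4: str, last4: str) -> bool:
        self.attempts += 1
        return first4 == self._pin[:4] and last4 == self._pin[4:]

def recover_pin(reg: MockRegistrar):
    """Online PIN recovery: 10,000 tries for the first half, then 1,000 for the second
    (only 3 free digits there, since the 8th is the checksum)."""
    first = next((f"{i:04d}" for i in range(10_000) if reg.first_half_ok(f"{i:04d}")), None)
    if first is None:
        return None
    for j in range(1_000):
        tail = f"{j:03d}"
        last = tail + str(wps_pin_checksum(int(first + tail)))
        if reg.second_half_ok(first, last):
            return first + last
    return None

def worst_case_attempts():
    """Split verification plus checksum (10**4 + 10**3) versus a blind 7-digit search (10**7)."""
    return 10_000 + 1_000, 10**7
```

Against the constructed registrar holding the well-known test PIN 12345670 the search needs 1,803 attempts. Real APs often lock WPS after a handful of failures, which is why Reaver exposes delay and lockout-wait options, and why PixieWPS's offline approach is attractive when the AP's nonce generation is weak.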