CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender’s ConfigSecurityPolicy.exe to perform arbitrary GET requests. For a walkthrough, see the Black Hills Infosec publication.
How To Phish For User Passwords With PowerShell
Spoofing credential prompts is an effective privilege escalation and lateral movement …
Tag Archives: dns
DNSStager : Hide Your Payload In DNS
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and returns your payload as a response to specific record requests, such as AAAA or TXT records, after splitting it into chunks and encoding the payload using different …
DNSPeep : Spy On The DNS Queries Your Computer Is Making
DNSPeep lets you spy on the DNS queries your computer is making. Here’s some example output:
$ sudo dnspeep
query  name  server IP  response
A  incoming.telemetry.mozilla.org  192.168.1.1  CNAME: telemetry-incoming.r53-2.services.mozilla.com, CNAME: pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com, A: 52.39.144.189, A: 54.191.136.131, A: 34.215.151.143, A: 54.149.208.57, A: 44.226.235.191, A: 52.10.174.113, A: 35.160.138.173, A: 44.238.190.78
AAAA  incoming.telemetry.mozilla.org  192.168.1.1  CNAME: telemetry-incoming.r53-2.services.mozilla.com, CNAME: pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com
A  www.google.com  192.168.1.1  A: 172.217.13.132
AAAA …
InveighZero : Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh.
Privileged Mode Features (elevated admin required)
SMB capture – packet sniffer based
LLMNR spoofer – packet sniffer based
NBNS spoofer – …
SnitchDNS : Database Driven DNS Server With A Web UI
SnitchDNS is a database-driven DNS server with a Web UI, written in Python and Twisted, that makes DNS administration easier, with all configuration changes applied instantly without restarting any system services. One of its main features is the logging of all DNS queries, allowing the discovery of network traffic endpoints, and it can also …
Procrustes : Script To Automate The Exfiltration Of Data Over DNS
Procrustes is a bash script that automates the exfiltration of data over DNS when we have blind command execution on a server where all outbound connections except DNS are blocked. The script currently supports sh, bash and powershell and is compatible with exec style command execution (e.g. java.lang.Runtime.exec).
[Figures: Unstaged, Staged]
For its operations, …
Scilla : Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Scilla is an information gathering tool (DNS/Subdomain/Port Enumeration).
Installation
First of all, clone the repo locally:
git clone https://github.com/edoardottt/scilla.git
Scilla has external dependencies, so they need to be pulled in:
go get
Linux (Requires high perms, run with sudo)
make linux
make unlinux
Windows (executable works only in scilla folder. Alias?)
make windows
make unwindows
make fmt run …
DNSProbe : Tool That Allows You To Perform Multiple DNS Queries
DNSProbe is a tool built on top of retryabledns that allows you to perform multiple DNS queries of your choice with a list of user-supplied resolvers. A simple and handy utility to query DNS records.
Usage
dnsprobe -h
This will …
DNSteal : DNS Exfiltration Tool For Stealthily Sending Files Over DNS Requests
DNSteal is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below are a couple of different images showing examples of multiple file transfer and single verbose file transfer:
Support for multiple files
Gzip compression supported
Now supports the customisation of subdomains and bytes per subdomain …
DNSFookup : DNS Rebinding Toolkit
DnsFookup is a DNS Rebinding framework containing:
a dns server obviously
web api to create new subdomains and control the dns server, view logs, stuff like that
shitty react app to make it even more comfy
What does it do?
It lets you create dns bins like a burp collaborator but it adds a bit …