This script will parse all the channels of events from the win-event log to extract all the log relatives to AppLocker. The script will gather all the important pieces of information relative to the events for forensic or threat-hunting purposes, or even in order to troubleshoot. Here are the logs we fetch from win-event: EXERead More
[*] PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other blue teams gain a better understand of their SMB Share attack surface and provides data insights to help naturally group related share to help streamRead More
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges, the Directory Replication Service (DRS)Read More
The Klyda project has been created to aid in quick credential based attacks against online web applications. Klyda supports the use from simple password sprays, to large multithreaded dictionary attacks. Klyda is a new project, and I am looking for any contributions. Any help is very appreciated. Klyda offers simple, easy to remember usage; however,Read More
A script for generating common revshells fast and easy. Especially nice when in need of PowerShell and Python revshells, which can be a PITA getting correctly formated. PowerShell revshells Shows [email protected], above the prompt and working-directory Has a partial AMSI-bypass, making some stuff a bit easier TCP and UDP Windows Powershell and Core Powershell FunctionsRead More
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods Please Don’t Attack websites without the owners consent. Features And Methods Layer7 GET | GET Flood POST | POST Flood OVH | Bypass OVH RHEX | Random HEX STOMP | Bypass chk_captcha STRESS | Send HTTP Packet With High Byte DYN | ARead More
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. The script is also available on Powershell Gallery. The Why Why writing such a tool, you might ask. Well, for starters, I tried looking around and I did not find aRead More
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. Features Automatically detects open SMB pipes on the remote machine. Calls one by one all the vulnerable RPC functions to coerce the server to authenticate on an arbitrary machine. Analyze mode with –analyze, which only lists theRead More
A python script to scan for Apache Tomcat server vulnerabilities. Features Multithreaded workers to search for Apache tomcat servers. Multiple target source possible: Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets. Reading targets line by line from a file. Reading individual targets (IP/DNS/CIDR)Read More
Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a SSH service, Puwr uses a given subnet range to scope out IP’s, sending back any successful ping requests it has. This can be used to expand out an attack surface on a local network, byRead More
