SharpNamedPipePTH – Pass The Hash To A Named Pipe For Token Impersonation

This project is a C# tool to use Pass-the-Hash for authentication on a local Named Pipe for user Impersonation. You need a local administrator or SEImpersonate rights to use this. There is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the project Sharp-SMBExec. I faced certain Offensive Security projectRead More

SharpImpersonation – A User Impersonation Tool – Via Token Or Shellcode Injection

This was a learning by doing project from my side. Well known techniques are used to built just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from: https://github.com/0xbadjuju/Tokenvator A blog post for the intruduction can be found here: https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/ List user processes PS > PS C:temp>Read More

Stacs – Static Token And Credential Scanner

Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of nested archives, composable rulesets and ignore lists, and SARIF reporting. What does STACS support? Currently, STACS supports recursive unpacking of tarballs, gzips, bzips, zips, and xz files. As STACS works on detectedRead More

TokenTactics – Azure JWT Token Manipulation Toolset

Azure JSON Web Token (“JWT”) Manipulation Toolset Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user’s access token, it may be possible to access certain apps such as Outlook, SharePoint, OneDrive, MSTeams andRead More

NamedPipePTH – Pass The Hash To A Named Pipe For Token Impersonation

This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced certain Offensive Security project situations in the past, where I already had theRead More

MyJWT – A Cli For Cracking, Testing Vulnerabilities On Json Web Token (JWT)

This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc… Check Documentation for more information. If you see problems or enhancement send an issue.I will respond as soon as possible. Enjoy 🙂 Documentation Documentation is available at http://myjwt.readthedocs.io Features copy new jwt to clipboard user Interface (thanks questionary)Read More

Pytmipe – Python Library And Client For Token Manipulations And Impersonations For Privilege Escalation On Windows

PYTMIPE (PYthon library for Token Manipulation and Impersonation for Privilege Escalation) is a Python 3 library for manipulating Windows tokens and managing impersonations in order to gain more privileges on Windows. TMIPE is the python 3 client which uses the pytmipe library. Content A python client: tmipe (python3 tmipe.py) A python library: pytmipe. Useful forRead More

X