SCodeScanner – Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The main objective for this scanner is to find the vulnerabilities inside the source code before code gets published in Prod. Features Supported PHP Language Supported YAML Language Pass results to bug tracking services like JiraRead More

SharpImpersonation – A User Impersonation Tool – Via Token Or Shellcode Injection

This was a learning by doing project from my side. Well known techniques are used to built just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from: https://github.com/0xbadjuju/Tokenvator A blog post for the intruduction can be found here: https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/ List user processes PS > PS C:temp>Read More

ForceAdmin – Create Infinite UAC Prompts Forcing A User To Run As Admin

ForceAdmin is a c# payload builder, creating infinate UAC pop-ups until the user allows the program to be ran. The inputted commands are ran via powershell calling cmd.exe and should be using the batch syntax. Why use? Well some users have UAC set to always show, so UAC bypass techniques are not possible. However –Read More

noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chainpositional arguments: [domain/]username[:password] Account used to authenticate to DC.optional arguments: -h, –help show this help message and exit –impersonate IMPERSONATE target username that will be impersonated (thru S4U2Self) for quering the ST. Keep inRead More

Masky – Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Masky is a python library providing an alternative way to remotely dump domain users’ credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes and TGT on a larger scope. This tool does not exploit any new vulnerability and doesRead More

Kage – Graphical User Interface For Metasploit Meterpreter And Session Handler

Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. For now it only supports windows/meterpreter & android/meterpreter. Getting Started Please follow these instructions to get a copy of Kage running on your local machine without any problems. Prerequisites Metasploit-framework must be installed andRead More

SSOh-No – User Enumeration And Password Spraying Tool For Testing Azure AD

This tool is designed to enumerate users, password spray and perform brute force attacks against any organisation that utilises Azure AD or O365. Generally, this endpoint provides extremely verbose errors which can be leveraged to enumerate users and validate their passwords via brute force/spraying attacks, while also failing to log any failed authentication attempts. ThisRead More

O365-Doppelganger – A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User

O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform OAuth and OTA capture which is not the aim of O365-Doppelganger. O365-Doppelganger is a quick handy script to harvest credentials of a user during Red Teams. This repository is a quick hack of one of my old red teamRead More

Oh365UserFinder – Python3 O365 User Enumeration Tool

Oh365UserFinder is used for identifying valid o365 accounts and domains without the risk of account lockouts. The tool parses responses to identify the “IfExistsResult” flag is null or not, and responds appropriately if the user is valid. The tool will attempt to identify false positives based on response, and either automatically create a waiting periodRead More

Codecat v0.56 – An Open-Source Tool To Help You Find/Track User Input Sinks And Security Bugs Using Static Code Analysis

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules.  Current rules for C,C++,GO,Python,javascript,Swift,PHP,Ruby,ASP,Kotlin,Dart and Java.(you can create your rules) video How too install, step by step: Go to CodeCat directory, install backend and frontend libs: $ apt install python3-pip$ cdRead More

X