title | description |
---|---|
Windows |
Microsoft Windows pentesting tools and resources. |
- Aced - A tool to parse and resolve a single targeted Active Directory principal's DACL)
- BadBlood - Fills a Microsoft Active Directory Domain with a structure and thousands of objects.
- BloodHound - Six Degrees of Domain Admin.
- Certify - Active Directory certificate abuse.
- CrackMapExec - A swiss army knife for pentesting networks.
- SCCMHunter - tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.
- WinPwn - Automation for internal Windows Penetrationtest / AD-Security.
- Bitleaker - This tool can decrypt a BitLocker-locked partition with the TPM vulnerability.
- LOLBAS - Living Off The Land Binaries and Scripts.
- LaZagne - Credentials recovery project
- Redsnarf - Tool for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques.
- SCOMDecrypt - Tool to decrypt stored RunAs credentials from SCOM servers.
- MailSniper - A penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms
- Ruler - A tool to abuse Exchange services.
- pipe-intercept - Intercept Windows Named Pipes communication.
- Kerberoast - A series of tools for attacking MS Kerberos implementations.
- Pykek - A python library to manipulate KRB5-related data.
- Rubeus - A C# toolset for raw Kerberos interaction and abuses.
- Fibratus - A modern tool for Windows kernel exploration and tracing with a focus on security.
- Vergilius - Take a look into the depths of Windows kernels and reveal more than 60000+ undocumented structures. The descent into Hell is easy!
- CredNinja - A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB.
- Mimikatz - Experiments with Windows security.
- iBombshell - Tool to deploy a post-exploitation prompt at any time.
- Pentestly - Python and Powershell internal penetration testing framework.
- Powershell Suite - A collection of PowerShell utilities.
- Stracciatella - OpSec-safe Powershell runspace from within C# with AMSI, Constrained Language Mode and Script Block Logging disabled at startup.
- PowerRemoteDesktop - Remote Desktop entirely coded in PowerShell.
- SharpRDP - Remote Desktop Protocol .NET Console Application for Authenticated Command Execution.
- rpcenum - Bash tool to extract info from a domain via RPCClient.
- LOLBAS - Living Off The Land Binaries and Scripts.
- Macshift - Windows command-line application changes the MAC address of a given network adapter on the current machine to a random or given value.
- Windows-Pentest - Windows Pentest Scripts.