Exploit for CVE-2020-1472
CVE-2020-1472-Easy This is definitely not something you would...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impack...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
CVE-2020-1472 CVE-2020-1472 - Zero...
Exploit for CVE-2020-1472
CVE-2020-1472 POC The vulnerability can be exploited in a Wi...
Exploit for CVE-2020-1472
CVE-2020-1472 - Zero-Logon POC...
Rbcd-Attack - Kerberos Resource-Based Constrained Delegation Attack From Outside Using Impacket
Abusing Kerberos Resource-Based Constrained Delegation TL;DR This repo is about a practical attack against Kerberos Resource-Based Constrained Delegation in a Windows Active Directory Domain. The difference from other common implementations is that we are launching the attack from outside of the...
Exploit for CVE-2020-1472
Zer0Dump Zer0dump is an PoC exploit/tool for abusing the vuln...
Exploit for CVE-2020-1472
CVE-2020-1472 Checker & Exploit Code for CVE-2020-1472 aka Z...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Netwrix Account_Lockout_Examiner
CVE-2020-15931 Netwrix Account Lockout Examiner 4.1 Domai...
Exploit for CVE-2019-1040
CVE-2019-1040 Great writeup! Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin. So, I wrote CVE-2019-1040.py for easy to use. You can also check out my exchange2domain repo: https://github.com/ridter/exchange2domain, another way to use exchange to get DC...
Mssqlproxy - A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. Please read this article carefully before continuing. It consists of three part...
Evil SSDP - Spoof SSDP Replies And Create Fake UPnP Devices To Phish For Credentials And NetNTLM Challenge/Response
This tool responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden...
Lsassy - Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works. You can check the wiki. This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials. Requirements Python = 3.6 pypykatz = 0.3.0 impacket Installation From...
PrivExchange - Exchange Your Privileges For Domain Admin Privs By Abusing Exchange
POC tools accompanying the blog Abusing Exchange: One API call away from Domain Admin. Requirements These tools require impacket. You can install it from pip with pip install impacket, but it is recommended to use the latest version from GitHub. privexchange.py This tool simply logs in on Exchang...
ActiveReign - A Network Enumeration And Attack Toolset
Background A while back I was challenged to write a discovery tool with Python3 that could automate the process of finding sensitive information on network file shares. After writing the entire tool with pysmb, and adding features such as the ability to open and scan docx and xlsx files, I slowly...