KnowsMore - A Swiss Army Knife Tool For Pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS And DCSync)

KnowsMore officially supports Python 3.8+. Main features Import NTLM Hashes from .ntds output txt file generated by CrackMapExec or secretsdump.py Import NTLM Hashes from NTDS.dit and SYSTEM Import Cracked NTLM hashes from hashcat output file Import BloodHound ZIP or JSON file BloodHound importer...

HackerOne: CSV injection in the credentials export

Summary: Hello team! We have found out that a hacker can inject malicious excel formulas into the credentials details which will be executed when program user exports the credentials details via https://hackerone.com/hackeroneh1pbbp3/credentials - export credentials and opens this CSV using MS...