ZeroDoor - A Script Written Lazily For Generating Cross-Platform Backdoors
A script written lazily for generating reverse shell backdoors on the go whenever you need them, without any hassle, for your daily penetration-testing needs. These backdoors are not James Bond high-tech stuff but rather simple ones with limited capabilities, to prevent over-exploitation. Once you generate the...
Scripted Inputs and Splunk
Splunk is an extremely versatile tool when dealing with data: - Monitor files? Check! - Listen in on an open port? Check! - Monitor the file system? Performance monitor? HTTP Event Collector? - Check, check aaaaand check! But what if the data you want to ingest does not have a method listed...
PowerSAP - Powershell SAP Assessment Tool
PowerSAP is a simple powershell re-implementation of popular & effective techniques of all public tools such as Bizploit, Metasploit auxiliary modules, or python scripts available on the Internet. This re-implementation does not contain any new or undisclosed vulnerability. PowerSAP allows to rea...
ACLight - PowerShell Script for Advanced Discovery of Privileged Accounts (includes Shadow Admins)
ACLight is a tool for discovering privileged accounts through advanced ACL (Access Control List) analysis. It includes the discovery of Shadow Admins in the scanned network. The tool queries Active Directory (AD) for its objects' ACLs and then filters and analyzes the sensitive permissions of each one...
CVE-2017-8715
The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass"...
CVE-2017-8715
CVE-2017-8715 is a Device Guard security feature bypass in Windows PowerShell sessions on Windows 10 (Gold 1511, 1607, 1703) and Windows Server 2016. The vulnerability could let an attacker inject code into a trusted PowerShell process to bypass Code Integrity. Remediation exists: install the Mic...
KB4041691: Windows 10 Version 1607 and Windows Server 2016 October 2017 Cumulative Update (KRACK)
The remote Windows host is missing security update 4041691. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...
Ironsquirrel - Encrypted Exploit Delivery for the Masses
This project aims at delivering browser exploits to the victim browser in an encrypted fashion. Elliptic-curve Diffie-Hellman (secp256k1) is used for key agreement and AES is used for encryption. By delivering the exploit code and shellcode to the victim in an encrypted way, the attack cannot be...
ThunderShell - PowerShell based RAT
ThunderShell is a PowerShell-based RAT that relies on HTTP requests to communicate. All the network traffic is encrypted using a second layer of RC4 to avoid SSL interception and defeat network hooks. Dependencies: apt install redis-server; apt install python-redis. Logs: every error, HTTP request and...
EternalBlue Exploit Used in Retefe Banking Trojan Campaign
Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers a...
ACLight: An Advanced Privileged Account Discovery Tool
PenTestIT RSS Feed Consider that you have already gotten inside a network and have compromised a system. Naturally, you would now want to spread across the network with the least effort. The question is - how? The answer is simple - ACLight. Using this tool you can at least start looking at weaker target...
CVE-2017-8746
Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass vulnerability due to how PowerShell exposes functions and processes user-supplied code, aka "Device Guard Security Feature Bypass Vulnerability"...
Security feature bypass
Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass vulnerability due to how PowerShell exposes functions and processes user-supplied code, aka "Device Guard Security Feature Bypass Vulnerability"...
CVE-2017-8746
The CVE-2017-8746 issue affects Microsoft Windows Device Guard Code Integrity on Windows 10 (1607, 1703) and Windows Server 2016. The root cause is how PowerShell exposes functions and user-supplied code, enabling a security feature bypass where a local attacker could inject malicious code into a...
Microsoft Windows .NET Framework - Remote Code Execution
Microsoft Windows .NET Framework - Remote Code Execution Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...
Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit
Exploit for windows platform in category remote exploits Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...
Microsoft Windows .NET Framework - Remote Code Execution
Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WSDL parser log. Then the parsing log results in running...