6 matches found

Metasploit
added yesterday, 42 views

NTLM Relay to Self (HTTP to LDAP) - Post Exploitation

This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then triggers the WebClient service via an ETW event allowing a low-privilege user to start it, and coerces the local machine account to authenticate via...

AI score: 5.4
Exploits: 0

Metasploit
added 2025/07/31 6:56 p.m., 563 views

Exploits AD CS Template misconfigurations which involve updating an LDAP object: ESC9, ESC10, and ESC16

This module exploits Active Directory Certificate Services (AD CS) template misconfigurations, specifically ESC9, ESC10, and ESC16, by updating an LDAP object and requesting a certificate on behalf of a target user. The module leverages the auxiliary/admin/ldap/ldap_object_attribute module to update...

AI score: 6
Exploits: 0

Rapid7 Blog
added 2024/05/17 8:11 p.m., 18 views

Metasploit Wrap-Up 05/17/2024

LDAP Authentication Improvements: This week, in Metasploit v6.4.9, the team has added multiple improvements for LDAP-related attacks. Two improvements relating to authentication are the new support for Signing and Channel Binding. Microsoft has been making changes to harden the communications to...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2024/04/12 5:47 p.m., 32 views

Metasploit Weekly Wrap-Up 04/12/24

Account Takeover using Shadow Credentials: The new release of Metasploit Framework includes a Shadow Credentials module added by smashery, used for reliably taking over an Active Directory user account or computer and letting future authentication happen as that account. This can be chained wit...

AI score: 7.8, EPSS: 0.5132
Exploits: 8

Kitploit
added 2023/05/15 12:30 p.m., 14 views

ShadowSpray - A Tool To Spray Shadow Credentials Across An Entire Domain In Hopes Of Abusing Long Forgotten GenericWrite/GenericAll DACLs Over Other Objects In The Domain

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool: In a lot of engagements I see in BloodHound that the group "Everyone" / "Authenticated Users" / "Domain Users" or some other...

AI score: 8
Exploits: 0, References: 10

Kitploit
added 2021/07/13 9:30 p.m., 64 views

Whisker - A C# Tool For Taking Over Active Directory User And Computer Accounts By Manipulating Their msDS-KeyCredentialLink Attribute

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account. This tool is based on code from DSInternals by Michael Grafnetter (@MGrafnetter). For this attack to...

AI score: 7.6
Exploits: 0, References: 2