PingCastle - Get Active Directory Security at 80% in 20% of the time
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
A record of some of the tools I have written or modified
A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
Credentials gathering tool automating remote procdump and parsing of the lsass process.
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callback...
Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
Python3 script to parse txt files containing Mimikatz output
import pyd or execute PE all from memory using only pure python code and some shellcode tricks
PowerShellUtilities provides various utility commandlets.
Invoke-KleptoKitty - Deploys Payloads and collects credentials
Powerful script for logical obfuscation of PowerShell scripts
Windows 10 hardening implemented in PowerShell for consumer or enterprise deployment
A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
Script to extract the cached credentials from SSSD, getting Active Directory credentials from Unix systems