dafthack / HostRecon
This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
☆434Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for HostRecon
- Malicious WMI Events using PowerShell☆370Updated 8 years ago
- Credential and Red Teaming Defense for Windows Environments☆323Updated 4 months ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆629Updated 7 years ago
- Domain Password Audit Tool for Pentesters☆908Updated 2 years ago
- ☆512Updated 2 years ago
- NetSPI PowerShell Scripts☆324Updated 10 months ago
- ☆279Updated 6 years ago
- The Old BloodHound C# Ingestor (Deprecated)☆510Updated 2 years ago
- A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale v…☆443Updated 2 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆229Updated 7 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆822Updated 6 years ago
- A Powershell Privilege Escalation Enumeration Script.☆307Updated 6 years ago
- An LDAP based Active Directory user and group enumeration tool☆303Updated last year
- Exchange privilege escalations to Active Directory☆728Updated last year
- A PowerShell module to deploy active directory decoy objects.☆223Updated 5 years ago
- Rapid Attack Infrastructure (RAI)☆297Updated 3 years ago
- PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and…☆544Updated 2 years ago
- Egress-Assess is a tool used to test egress data detection capabilities☆618Updated last year
- Chameleon: A tool for evading Proxy categorisation☆459Updated 2 years ago
- A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results☆185Updated 4 months ago
- Analyze ARP requests to identify intercommunicating hosts and stale network address configurations (SNACs)☆62Updated 2 years ago
- A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)☆723Updated 5 months ago
- Search for categorized domain☆439Updated 5 years ago
- LyncSniper: A tool for penetration testing Skype for Business and Lync deployments☆304Updated 4 years ago
- Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.☆345Updated 3 months ago
- Active Directory forensic framework☆319Updated 2 years ago
- Rid_enum is a null session RID cycle attack for brute forcing domain controllers.☆234Updated 3 months ago
- ☆255Updated 2 years ago
- Active Directory ACL exploitation with BloodHound☆703Updated 3 years ago
- Automate creating resilient, disposable, secure and agile infrastructure for Red Teams☆373Updated 4 years ago