This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
☆463Oct 3, 2017Updated 8 years ago
Alternatives and similar repositories for HostRecon
Users that are interested in HostRecon are comparing it to the libraries listed below
Sorting:
- PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and…☆573Jul 3, 2025Updated 7 months ago
- A PowerShell tool for taking screenshots of multiple web servers quickly.☆94Apr 19, 2017Updated 8 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,213Aug 7, 2025Updated 6 months ago
- DAFT: Database Audit Framework & Toolkit☆182Aug 11, 2021Updated 4 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆2,022Jul 11, 2024Updated last year
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…☆180Sep 11, 2023Updated 2 years ago
- Credential and Red Teaming Defense for Windows Environments☆330Jul 17, 2024Updated last year
- Payload Generation Framework☆1,964Aug 21, 2024Updated last year
- This module mangles two lists of names together to generate a list of potential email addresses or usernames. It can also be used to simp…☆51Sep 25, 2017Updated 8 years ago
- Search for potential frontable domains☆642Mar 22, 2023Updated 2 years ago
- HTA encryption tool for RedTeams☆1,424Nov 9, 2022Updated 3 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆853Mar 23, 2018Updated 7 years ago
- PowerShell Pass The Hash Utils☆1,722Dec 9, 2018Updated 7 years ago
- PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server☆2,689Dec 12, 2024Updated last year
- Malicious Macro Generator☆828Apr 17, 2019Updated 6 years ago
- Random Tools☆850Oct 20, 2022Updated 3 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- Tool to audit and attack LAPS environments☆925Jan 31, 2018Updated 8 years ago
- LyncSniper: A tool for penetration testing Skype for Business and Lync deployments☆307Jul 3, 2020Updated 5 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,546Aug 2, 2019Updated 6 years ago
- SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, Supe…☆1,309Nov 22, 2022Updated 3 years ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- Run PowerShell command without invoking powershell.exe☆1,533Mar 23, 2023Updated 2 years ago
- Domain Password Audit Tool for Pentesters☆1,024Dec 24, 2025Updated 2 months ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.☆70Jul 26, 2018Updated 7 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,317Jan 18, 2021Updated 5 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆388Jun 25, 2024Updated last year
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…☆351Aug 27, 2018Updated 7 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,642Oct 11, 2018Updated 7 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆2,913Nov 19, 2025Updated 3 months ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,128Feb 10, 2021Updated 5 years ago
- PowerShell MachineAccountQuota and DNS exploit tools☆1,435Jan 11, 2023Updated 3 years ago
- SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader☆1,308Oct 1, 2019Updated 6 years ago
- locate and attack Lync/Skype for Business☆346Oct 1, 2024Updated last year