This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
☆466Oct 3, 2017Updated 8 years ago
Alternatives and similar repositories for HostRecon
Users that are interested in HostRecon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and…☆581Jul 3, 2025Updated 11 months ago
- A PowerShell tool for taking screenshots of multiple web servers quickly.☆94Apr 19, 2017Updated 9 years ago
- DAFT: Database Audit Framework & Toolkit☆184Aug 11, 2021Updated 4 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,249Aug 7, 2025Updated 10 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆2,058Jul 11, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This module mangles two lists of names together to generate a list of potential email addresses or usernames. It can also be used to simp…☆51Sep 25, 2017Updated 8 years ago
- Credential and Red Teaming Defense for Windows Environments☆331Jul 17, 2024Updated last year
- Remote Recon and Collection☆462Nov 23, 2017Updated 8 years ago
- Payload Generation Framework☆1,984Aug 21, 2024Updated last year
- Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…☆179Sep 11, 2023Updated 2 years ago
- Search for potential frontable domains☆647Mar 22, 2023Updated 3 years ago
- PowerShell Pass The Hash Utils☆1,782Dec 9, 2018Updated 7 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆636Jun 20, 2017Updated 9 years ago
- HTA encryption tool for RedTeams☆1,428Nov 9, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 8 years ago
- PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server☆2,721Dec 12, 2024Updated last year
- Random Tools☆853Oct 20, 2022Updated 3 years ago
- Tool to audit and attack LAPS environments☆952Jan 31, 2018Updated 8 years ago
- LyncSniper: A tool for penetration testing Skype for Business and Lync deployments☆308Jul 3, 2020Updated 5 years ago
- Domain Password Audit Tool for Pentesters☆1,054Dec 24, 2025Updated 6 months ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,214Sep 14, 2020Updated 5 years ago
- PowerShell MachineAccountQuota and DNS exploit tools☆1,485Jan 11, 2023Updated 3 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,330Jan 18, 2021Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- PowerShell Runspace Post Exploitation Toolkit☆1,552Aug 2, 2019Updated 6 years ago
- Run PowerShell command without invoking powershell.exe☆1,553Apr 9, 2026Updated 2 months ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆171Jun 8, 2017Updated 9 years ago
- Malicious Macro Generator☆832Apr 17, 2019Updated 7 years ago
- Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration feature…☆306Apr 25, 2023Updated 3 years ago
- SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, Supe…☆1,324Nov 22, 2022Updated 3 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,673Oct 11, 2018Updated 7 years ago
- Cheat sheets for various projects.☆1,100Oct 16, 2017Updated 8 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆2,987Nov 19, 2025Updated 7 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,019Jul 3, 2018Updated 7 years ago
- Powershell C2 Server and Implants☆576Nov 11, 2019Updated 6 years ago
- SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader☆1,326Oct 1, 2019Updated 6 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆387Jun 25, 2024Updated 2 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆859Jun 25, 2024Updated 2 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆186Nov 28, 2019Updated 6 years ago
- Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool☆98Aug 28, 2016Updated 9 years ago