danielwolfman / Invoke-WordThief
This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.docx,etc') and extracting their text using Word application's COM Object. The script adds HKCU registry (no admin needed) Run key, so this script runs persistently.
☆32Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Invoke-WordThief
- LetMeOutOfYour.net Resources☆20Updated 4 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- Checklist for pentests, handy commands for to remembers, and a few tools to work on here and there. Far from complete!☆26Updated last year
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆42Updated last year
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 5 years ago
- parsers to make life easier☆12Updated 4 years ago
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆19Updated 2 years ago
- automatic scan for hackthebox☆14Updated 4 years ago
- Methods of C2☆21Updated 9 years ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely☆38Updated 4 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 3 years ago
- My python3 implementation of a Forward Shell☆35Updated 5 years ago
- A collection of OSCE preparation resources.☆23Updated 5 years ago
- Any presentation we've given at FortyNorth Security☆33Updated 3 years ago
- rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication…☆43Updated 3 years ago
- Simple C2 over the Trello API☆37Updated last year
- Post-exploitation tool for attacking Active Directory domain controllers☆15Updated last year
- Basic tool to automate backdooring PE files☆54Updated 2 years ago
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆23Updated 2 years ago
- ☆14Updated 4 years ago
- Reproducible and extensible BloodHound playbooks☆42Updated 4 years ago
- ☆16Updated 7 years ago
- ☆18Updated 4 years ago
- various slides and presentations I've worked on☆18Updated 9 months ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆13Updated last year
- Scripts for OSCE☆18Updated 5 years ago
- ☆16Updated 3 years ago