tokyoneon / CredPhish
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
☆291Updated 3 years ago
Alternatives and similar repositories for CredPhish:
Users that are interested in CredPhish are comparing it to the libraries listed below
- Hiding GoPhish from the boys in blue☆177Updated 2 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆257Updated last year
- Malicious shortcut generator for collecting NTLM hashes from insecure file shares.☆321Updated 4 months ago
- AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with…☆298Updated last year
- Cobalt Strike is a post-exploitation framework designed to be extended and customized by the user community. Several excellent tools and …☆337Updated this week
- Tricks the target into enabling content (macros) with fake messages. Once enabled, uses macros to reduce the risk of suspision from targe…☆167Updated 3 years ago
- Basic C2 Server☆187Updated 3 years ago
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆428Updated last year
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆215Updated 4 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆384Updated 11 months ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆439Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆222Updated 3 years ago
- An Office365 User Attack Tool☆630Updated 11 months ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆417Updated 2 years ago
- ☆404Updated last year
- Assist reverse tcp shells in post-exploration tasks☆216Updated 11 months ago
- Maximizing BloodHound. Max is a good boy.☆505Updated last month
- Password Hunter in Active Directory☆197Updated 2 years ago
- ☆188Updated 5 years ago
- A User Impersonation tool - via Token or Shellcode injection☆412Updated 2 years ago
- Roast in the Middle☆288Updated 3 months ago
- ☆186Updated last year
- Password spraying tool and Bloodhound integration☆225Updated 2 months ago
- Automated Tool That Generates The Perfect Meterpreter Powershell Payload☆225Updated 3 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆378Updated 2 years ago
- Open-Source Collection of Social Engineering Pretexts☆135Updated last year
- ☆362Updated 3 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆486Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆456Updated 2 years ago
- Manipulating and Abusing Windows Access Tokens.☆276Updated 4 years ago