tokyoneon / CredPhishLinks
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
☆297Updated 3 years ago
Alternatives and similar repositories for CredPhish
Users that are interested in CredPhish are comparing it to the libraries listed below
Sorting:
- AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with…☆302Updated last year
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆435Updated last year
- Hiding GoPhish from the boys in blue☆183Updated 2 years ago
- Malicious shortcut generator for collecting NTLM hashes from insecure file shares.☆332Updated 7 months ago
- Assist reverse tcp shells in post-exploration tasks☆220Updated 2 weeks ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆424Updated 2 years ago
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆443Updated last year
- A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.☆556Updated 3 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆440Updated last year
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆349Updated 2 years ago
- ☆198Updated 5 years ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆217Updated 4 years ago
- Password spraying tool and Bloodhound integration☆234Updated 5 months ago
- Basic C2 Server☆190Updated 3 years ago
- POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln☆191Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆320Updated 2 years ago
- ☆409Updated last year
- msImpersonate - User account impersonation written in pure Python3☆108Updated 3 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆483Updated 11 months ago
- Maximizing BloodHound. Max is a good boy.☆516Updated last month
- A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.☆222Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆465Updated 2 years ago
- scan for NTLM directories☆359Updated this week
- PowerSploit - A PowerShell Post-Exploitation Framework☆232Updated 3 years ago
- A quick handy script to harvest credentials off of a user during a Red Team and get execution of a file from the user☆258Updated 3 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆361Updated 4 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆491Updated 2 years ago
- An Office365 User Attack Tool☆636Updated last year
- Kerberoast attack -pure python-☆434Updated last year
- Retrieve LAPS password from LDAP☆412Updated 4 years ago