840a2f6628
Extract all winscp credentials from all logged in users from registry
2023-02-13 08:32:34 -05:00
ca988744f0
Add winscp registry extraction
2023-02-13 08:32:34 -05:00
02f43dc287
baseline for winscp_dump module
2023-02-13 08:32:34 -05:00
6f198372ca
merge firefox into dpapi core option
2023-02-13 11:48:12 +01:00
877ebc28d5
Fix conf base for child domains
2023-02-12 16:19:35 -05:00
01de301ce1
Create groupmembership.py
...
A module to query the groups to which a user belongs.
2023-02-12 16:13:19 -05:00
59e0e6b340
fix OUTPUT option description in spider_plus
2023-02-12 16:09:17 -05:00
909f44d155
Fix ldap-checker module pth auth using NT hash
2023-02-12 16:00:43 -05:00
60a7d8bdc0
Fix issue #732
2023-02-12 15:59:52 -05:00
e84f589902
Update nopac.py
...
Fixed spelling
2023-02-12 09:21:08 -05:00
5f5884785f
Fix ccache kerberos auth using rpc
2023-02-12 09:14:08 -05:00
a4c53cab36
update firefox module
2023-02-10 15:57:10 +01:00
a0832f2190
add firefox module
2023-02-10 15:16:10 +01:00
f790d95613
pass it to core option
2023-02-07 12:06:42 +01:00
66cd0799ab
add comments and limit cert dump to clientauth cert
2023-01-23 10:12:28 +01:00
b14fe7f94f
Fixed bh_owned error on non-existing values
...
If a computer on the network has been compromised but is not listed in the Neo4j database. CME won't crash any more.
2022-12-12 14:39:29 -05:00
6f7c99bb50
Merge branch 'Porchetta-Industries:master' into master
2022-11-25 17:25:16 +01:00
a3046f657b
Fixed bh_owned error on non-existing values
...
If a computer on the network has been compromised but is not listed in the Neo4j database. CME won't crash any more.
2022-11-25 16:58:52 +05:00
75d01e5cb6
init dpapi module
2022-11-17 16:16:10 +01:00
a5c30851c0
Fix output always returning false
...
Based on Neo4j documentation https://neo4j.com/docs/api/python-driver/current/api.html#neo4j.Result I added some modification to the result variable.
The way it was code, `result.value()` always return 0.
2022-11-09 15:39:43 -04:00
ba690f93fd
Added the option to select architecture (64 or 32)
...
The module only allowed 32 bits, with this change it is possible to select 32 bits or 64 bits architecture.
2022-11-09 07:07:29 -04:00
ccfd9565e0
Fix #671 - handlekatz modules fail
...
handlekatz modules fail if directory /tmp/shared does not exist. I changed the directory from /tmp/shared to /tmp and the option description.
2022-11-08 11:14:00 -04:00
61757a2cd2
Fix #671 - procdump modules fail
...
procdump modules fail if directory /tmp/shared does not exist. I changed the directory from /tmp/shared to /tmp and the option description.
2022-11-08 11:13:05 -04:00
be6b0edd42
Merge pull request #662 from Porchetta-Industries/rdp
...
Bump aardwolf to version 0.2.0
2022-11-08 09:31:58 +01:00
60e3dda195
Merge pull request #601 from Dfte/master
...
Add the Impersonate module
2022-11-07 12:26:37 +01:00
12ec7f2278
update impersonate binary
2022-11-02 07:23:07 -04:00
5d4f3b5606
Update impersonate.py
...
I'll add technical links to the blog post explaining token manipulation internals as well as the source code of the original binary when the blog post will be released (should be on monday)
2022-10-29 11:55:34 +02:00
1bfb3a860b
Addind the IMP_EXE option
...
Guess this will be the final one :P
2022-10-29 11:52:48 +02:00
9c66f29474
Merge branch 'master' into rdp
2022-10-28 15:22:28 +02:00
aa8bf6aa46
Refactor options
2022-10-27 15:32:55 -04:00
2dcd33ee17
Update impersonate.py
...
Adding double quotes for spaced cmd
2022-10-27 18:57:00 +02:00
ed80922b0e
Final update!
2022-10-27 12:21:46 +02:00
65724d4553
Merge pull request #653 from Z4kSec/master
...
Add Masky module
2022-10-25 13:03:29 +02:00
e2130c658c
Bump aardwolf to 0.2.0
2022-10-24 15:02:42 -04:00
704471b366
Update teams_localdb.py
...
Multi user support added.
Otherwise the file at /tmp/teams_cookies2.txt gets mangled up and you don't get back any results as sqlite3 can access it but won't find any content.
2022-10-20 11:51:53 +02:00
d55f7513d2
Merge remote-tracking branch 'upstream/master'
2022-10-18 22:29:04 +02:00
2806c81d73
Add masky module
2022-10-18 22:19:35 +02:00
74bbeee05a
Merge pull request #647 from R-Secure/master
...
Added functionality to retrieve ssoauthookie from Microsoft Teams local db
2022-10-18 20:42:53 +02:00
7b9ce02f46
update module teams
2022-10-16 09:15:00 -04:00
ff758fd6dd
Merge pull request #646 from bogey3/install_elevated
...
Module to check for AlwaysInstallElevated
2022-10-13 14:57:18 +02:00
d162d7b55c
Merge pull request #640 from Tw1sm/ntlmv1-module
...
Module to check for NTLMv1 Compatibility
2022-10-13 14:57:09 +02:00
dad84132e2
Merge pull request #637 from d3lb3/keepass_trigger
...
Add KeePass trigger abuse module
2022-10-13 14:56:39 +02:00
d3162ee45a
Merge pull request #636 from d3lb3/master
...
Add KeePass discovery module
2022-10-13 14:56:29 +02:00
1e5db5da61
Merge pull request #610 from BlWasp/dacledit
...
Add the new daclread.py LDAP module and the msada_guids.py library
2022-10-13 14:56:18 +02:00
247de78541
Merge pull request #597 from guervild/mssql-upload-download
...
Mssql upload / download
2022-10-13 14:55:20 +02:00
4f595fbbc7
Restart keepass to load cleaned config
2022-10-13 08:41:58 -04:00
bbd606c067
Added functionality to retrieve the Microsoft Teams Cookies database and extract the ssoauthcookie
2022-10-11 06:44:22 -04:00
ea63b29000
update nanodump module for mssql
2022-10-10 16:22:09 -04:00
acf1789f2f
Add warning messages about non recursivity.
2022-10-10 14:25:55 +00:00
927a82a554
parse keepass config file and extract password
2022-10-10 08:36:27 -04:00
777a422888
add error with config setting not found
2022-10-10 05:57:26 -04:00
521b55daee
Update message for polling
2022-10-10 05:36:52 -04:00
365abf8fb0
Update keepass module to set opsec safe to false
2022-10-10 05:32:47 -04:00
4ba1085128
update import csv
2022-10-10 05:14:16 -04:00
1629029d35
Update install_elevated.py
...
Updated to display enabled when only the entry in HKLM is enabled as low privilege users can modify the HKCU and grant themselves permission.
Note that once the per-machine policy for AlwaysInstallElevated is enabled, any user can set their per-user setting.
https://learn.microsoft.com/en-us/windows/win32/msi/alwaysinstallelevated
2022-10-07 16:25:56 -04:00
8d92e34d66
Created install_elevated.py
...
This module will check if the computer and the supplied user have AlwaysInstallElevated enabled.
2022-10-07 15:55:58 -04:00
fc57723678
Merge pull request #642 from nurfed1/master
...
LDAP protocol improvements and scan-network module bugfix
2022-10-05 17:34:56 +02:00
4aeb311e22
Fix PowerShell parsing after file search
2022-10-02 18:32:01 +02:00
65796271c0
Merge branch 'export'
2022-09-22 18:06:37 -04:00
4c5844890c
Improve module scan network
2022-09-22 18:05:39 -04:00
b0731f6f2c
Merge branch 'master' into master
2022-09-19 09:06:23 +02:00
f391b8a2a6
Bug fix: ensure DN is lowercase
2022-09-18 20:49:03 +02:00
15638400ea
include compatibilitylevel 2
2022-09-16 09:30:56 -05:00
196d91c6bd
added ntlmv1 check module
2022-09-15 17:51:54 -05:00
73b945341f
Merge pull request #613 from spyr0-sec/master
...
whoami LDAP module
2022-09-09 20:41:34 +02:00
91be977ebb
update module ldap whoami
2022-09-08 15:04:04 -04:00
080d9e1d97
Merge pull request #608 from wlayzz/shebang_and_encoding
...
Adding shebang and encoding utf-8 for all python files
2022-09-07 21:05:56 +02:00
1bc2cd2dad
Add module scan-subnet
2022-09-07 10:51:56 -04:00
be5883a6a1
Fix typo in log messages
2022-09-04 15:13:43 +02:00
904e0e7f29
Add keepass_trigger module
2022-09-04 14:29:41 +02:00
6d762f1766
Fix typo
2022-09-03 23:14:47 +02:00
8248e6007d
Add keepass_discover module
2022-09-03 19:39:34 +02:00
8acbc3bba2
Never logged on handling
2022-08-11 12:10:19 +01:00
653a710759
Added ServicePrincipalNames
2022-08-11 11:12:31 +01:00
293e9a9164
Added SamAccountName option, more attributes and error handling
2022-08-11 10:54:05 +01:00
d520ecc7a5
Fixed description output
2022-08-08 17:18:45 +01:00
b9e3e2ea40
whoami LDAP module
2022-08-08 16:47:57 +01:00
175b5b29d0
Add the new daclread.py module and the msada_guids.py library
2022-07-30 12:35:55 +00:00
a9e56a063e
Fix subnets module
2022-07-22 18:48:51 +03:00
3524b4e5bb
Update gpp password module
2022-07-21 14:43:30 +02:00
177dceded8
Fix infinit loop for module hash_spider
2022-07-19 06:45:38 -04:00
b57ba767f8
Adding shebang and encoding utf-8 for all python files
2022-07-19 01:59:14 +02:00
fad09bd6b0
Update spider hash module to work with local auth and add reset option
2022-07-18 17:18:40 -04:00
6f24cb2023
Update hash_spider.py
2022-07-16 09:20:51 -05:00
cb98872bfa
Merge branch 'Porchetta-Industries:master' into master
2022-07-16 09:20:25 -05:00
b08f9ac64d
Update impersonate.py
2022-07-09 18:34:35 +02:00
dbc45def20
Update code
2022-07-08 07:58:14 -04:00
b571158953
Create ldap-checker.py
...
Added a module to check for LDAP signing and channel binding settings.
2022-07-08 01:46:11 +02:00
e8947d60d4
lsassy v3.1.3
2022-07-06 10:11:23 +02:00
01ad4e24a3
Add files via upload
2022-07-04 13:44:35 +01:00
9e1cabada5
add shadowcoerce module
2022-06-29 19:11:46 -04:00
34b0683b94
Add nanodump to support MSSQL
2022-06-29 13:44:56 +02:00
1f2cfefc9a
add dfscoerce module
2022-06-29 02:09:52 -04:00
e7dda670d0
Remove duplicate logic
2022-06-24 01:28:59 +02:00
82d5c9b500
Ensure correct domain name
2022-06-24 01:24:36 +02:00
a6761bfa50
Add nanodump results to cmedb
2022-06-24 01:04:39 +02:00
52bc18c548
Cleanup cme
2022-06-20 07:53:30 -04:00
8a6b82a410
Merge branch 'master' into master
2022-06-18 23:14:24 +02:00
3a6451a4c5
Recompile the binaries x64 and x86
2022-06-18 17:05:26 -04:00
649917ee6b
Write hostname, architecture and domain in the file name
2022-06-18 02:56:55 +02:00
Alexander Neff
Alex
zblurx
lefayjey
Julio Ureña
Cameron Stark
Sunggwan Choi
mpgn
iLightThings
Shariq Malik
zblurx
Defte
LuemmelSec
Zak
R-Secure
BlWasp
bogey3
JulienBedel
nurfed1
Tw1sm
Julien Bedel
spyr0
snovvcrash
Wlayzz
pgormanDS
pixis
choi
guervild
Dimitri Lesy