> cat /dev/github | grep security-tools

Powershell

Active-Directory-Exploitation-Cheat-Sheet

2026-03-30 PowerShell ★ 2704

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for cybersecurity professionals, detailing methodologies and commands for navigating the Active Directory environment. Its primary use case involves facilitating reconnaissance, privilege escalation, and lateral movement within a network through structured commands using PowerShell and .NET. Notable features include a systematic approach to various stages of the exploitation process, including domain enumeration, persistence techniques, and monitoring account vulnerabilities.

bashbunny-payloads

2026-03-30 PowerShell ★ 2902

AI Summary: The Bash Bunny Payload Library provides a collection of community-developed payloads and extensions specifically designed for the Hak5 Bash Bunny, utilizing DuckyScript™ and Bash scripting languages. Its primary use case is to enable users to automate various tasks through the intuitive deployment of scripts, with notable features including community contributions and the ability to submit new payloads via pull requests. Additionally, the repository encourages collaboration and offers resources for building payloads through its associated PayloadStudio.

Chimera

2026-03-30 PowerShell ★ 1575

AI Summary: Chimera is a PowerShell obfuscation script designed to evade detection and AMSI mechanisms by transforming potentially malicious PowerShell scripts into less recognizable forms. Its primary use case is for penetration testing and research into bypassing antivirus signatures, utilizing advanced techniques like string substitution and variable concatenation. Notable features include the capability to digest and obfuscate known malicious scripts while effectively bypassing security detection tools, thereby demonstrating the vulnerabilities in existing AV signatures.

K8tools

2026-03-30 PowerShell ★ 6159

AI Summary: K8tools is a collection of security research and penetration testing tools designed for use in various environments, including remote command execution and web shells. Notably, these tools are modified to enhance compatibility and stability, catering to security professionals who require reliable functionalities. The repository serves as a hub for downloading tools, accessing documentation, and submitting feedback for continuous improvement.


README

K8tools


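Disclaimer: These tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use.
Download: https://github.com/k8gege/K8tools
Documentation: http://k8gege.org/p/72f1fea6.html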

monkey365

2026-03-30 PowerShell ★ 1256

AI Summary: Monkey365 is an open-source PowerShell module designed for security configuration reviews of Microsoft 365, Azure, and Microsoft Entra ID environments. It enables users to identify potential security misconfigurations and provides actionable recommendations for compliance with best practices. Notable features include its user-friendly approach that minimizes the need for in-depth knowledge of APIs and complex dashboards while facilitating comprehensive scans for security gaps.



nishang

2026-03-30 PowerShell ★ 9818

AI Summary: Nishang is a comprehensive PowerShell framework designed for offensive security, penetration testing, and red teaming, featuring a collection of scripts and payloads that assist in various stages of penetration testing. It allows users to execute scripts in memory to bypass antivirus detection and includes notable functionalities such as encoding commands, webshell capabilities, and Active Directory manipulation tools. The framework is structured for ease of use with PowerShell, offering detailed help for individual scripts and versatile execution methods.

o365recon

2026-03-30 PowerShell ★ 732

AI Summary: o365recon is a PowerShell script designed for retrieving information from Office 365 and Azure AD using valid credentials. Its primary use case is to facilitate information gathering for security assessments, with a notable feature allowing optional Azure querying through a simple command-line interface. The tool requires the installation of MSOnline and AzureAD modules and includes support for multi-factor authentication.


README

o365recon

script to retrieve information via O365 and AzureAD with a valid cred

OSCP

2026-03-30 PowerShell ★ 3674

AI Summary: The OSCP Cheat Sheet repository provides a comprehensive collection of essential commands and techniques specifically tailored for the Offensive Security Certified Professional (OSCP) exam. It includes updates on advanced exploitation methods such as Active Directory Certificate Services abuse and Shadow Credentials attacks, alongside practical resources for information gathering, vulnerability analysis, and exploitation strategies. The tool aims to assist users in navigating the exam requirements while emphasizing the importance of adhering to current exam guidelines.

Penetration-Testing-Tools

2026-03-30 PowerShell ★ 2920

AI Summary: The Penetration Testing Tools repository is a comprehensive collection of over 160 scripts, utilities, and cheatsheets designed for Penetration Testing and IT security audits. It encompasses a wide range of categories including cloud assessments, network protocols, web security, and red teaming, enabling practitioners to increase efficiency and improve technical assurance in their engagements. Notable features include modular organization by function, a focus on real-world applicability, and the absence of sensitive client-specific information.

PowerHub

2026-03-30 PowerShell ★ 826

AI Summary: PowerHub is a post-exploitation tool designed for PowerShell, facilitating the transfer of potentially flagged data during penetration testing engagements. Its notable features include being fileless and stateless, utilizing cert pinning and RC4 encryption for string obfuscation, allowing seamless execution of C# programs in memory, and offering multiple methods to bypass AMSI. The tool simplifies processes such as running scripts and transferring sensitive information like Kerberos tickets or passwords, either through command line or a web interface, enhancing collaboration for testing teams.

PowerShell-for-Hackers

2026-03-30 PowerShell ★ 1448

AI Summary: PowerShell for Hackers is a repository of customizable PowerShell functions designed to aid in developing payloads for security testing and ethical hacking. Key features include a variety of functions with descriptions, usage examples, and accompanying video tutorials, which facilitate the creation of payloads for diverse scenarios such as system manipulation, desktop interactions, and data concealment. This collection emphasizes community collaboration, allowing users to contribute their own functions.


README

2022 Hak5 hacker of the Year


PrivescCheck

2026-03-30 PowerShell ★ 3776

AI Summary: PrivescCheck is a PowerShell script designed for identifying common Windows vulnerabilities and configuration issues outside the scope of public security standards, facilitating exploitation and post-exploitation tasks. It allows users to run various checks—including basic, extended, and audit checks—generate human-readable reports in multiple formats (TXT, HTML, CSV, XML), and includes options for silent execution and risky checks, making it suitable for penetration testing, research, and auditing purposes. Notably, the tool performs context-aware access control checks to provide accurate findings based on the current user’s privileges.

PsMapExec

2026-03-30 PowerShell ★ 1173

AI Summary: PsMapExec is a PowerShell-based post-exploitation framework designed to facilitate penetration testing within Active Directory environments. It offers enhancements over similar tools like CrackMapExec and NetExec, allowing for comprehensive Active Directory enumeration and management with a user-friendly interface. The tool is self-contained, making it suitable for use in restricted environments, and emphasizes adherence to ethical guidelines and consent when utilized for security assessments.



redsnarf

2026-03-30 PowerShell ★ 1213

AI Summary: RedSnarf is a penetration testing and red team tool designed for the extraction of hashes and credentials from Windows environments, including workstations, servers, and domain controllers, utilizing operationally safe techniques. Key features include the retrieval of local SAM hashes, enumeration of users with elevated privileges, and capabilities for hash spraying, LSASS dumps, and remote management functions like enabling/disabling RDP and clearing event logs. The tool focuses on efficient credential collection and strengthening post-exploitation analysis while maintaining a low profile during operations.

RedTeaming-Tactics-and-Techniques

2026-03-30 PowerShell ★ 4518

AI Summary: This repository contains personal notes focused on red teaming and offensive security, emphasizing practical experiments with various penetration testing techniques and tools in a controlled lab environment. It covers a range of methodologies, including code execution, defense evasion, and lateral movement, while aiming to enhance understanding of cyber attacks and malware development. Notable features include a commitment to referencing other researchers’ work and a critical approach to self-learning through experimentation and documentation.

SessionGopher

2026-03-30 PowerShell ★ 1316

AI Summary: SessionGopher is a PowerShell-based tool designed to retrieve and decrypt saved session information from remote access applications like PuTTY, WinSCP, FileZilla, and RDP. Its primary use case is for security assessments to identify systems that may connect to sensitive environments such as Unix systems or remote desktops. Notable features include thorough filesystem searches for private key files and the ability to run queries across multiple hosts or domain-joined systems, with results conveniently outputted to CSV files.

SkyArk

2026-03-30 PowerShell ★ 912

AI Summary: SkyArk is a cloud security tool that focuses on detecting and mitigating the threat of Cloud Shadow Admins in AWS and Azure environments through its two main scanning modules: AWStealth and AzureStealth. It identifies the most privileged cloud users and helps organizations ensure these entities are secured with best practices such as strong credentials and MFA. Notably, SkyArk enables risk assessment by uncovering hidden admin accounts that may escalate privileges if left unmanaged.

sysmon-modular

2026-03-30 PowerShell ★ 3002

AI Summary: sysmon-modular is a modular Sysmon configuration repository designed for customization and maintenance of Microsoft Sysinternals’ Sysmon tool. Its primary use case is to generate tailored event logging configurations for monitoring system behavior and enhancing threat detection in diverse environments. Notable features include pre-generated configurations catering to different verbosity levels, a flexible module system for incorporating custom configurations, and automated XML generation through a PowerShell script integrated with Azure Pipelines.

Windows-Local-Privilege-Escalation-Cookbook

2026-03-30 PowerShell ★ 1289

AI Summary: The Windows Local Privilege Escalation Cookbook is designed to educate users on local privilege escalation techniques within Windows environments, focusing on exploiting misconfiguration vulnerabilities. It provides structured guidance, including sections on description, lab setup, enumeration, exploitation, and mitigation for various vulnerabilities, while also emphasizing ethical usage and the need for responsible application of the techniques outlined. Notably, it excludes evasion tactics and includes a PowerShell script for disabling Windows Defender under specific conditions.

WinPwn

2026-03-30 PowerShell ★ 3653

AI Summary: WinPwn is a comprehensive PowerShell-based tool designed for internal penetration testing, emphasizing automation and proxy support for reconnaissance and exploitation tasks. Its notable features include modules for session management, credential dumping, local and domain reconnaissance, and privilege escalation checks, alongside the ability to operate offline and integrate well-known offensive security scripts. The tool streamlines the penetration testing process with an interactive menu for selecting various attack methods and extensive built-in reconnaissance capabilities.

xencrypt

2026-03-30 PowerShell ★ 1175

AI Summary: Xencrypt is a PowerShell-based crypter designed to compress and encrypt PowerShell scripts while bypassing AMSI and modern antivirus solutions. Its notable features include variable name randomization, support for recursive layering of encrypted scripts, and a minimal overhead due to compression. This open-source tool serves as a demonstration for users looking to develop their own crypters, offering flexibility for customization and ease of use.


README

Xencrypt

PowerShell crypter v 1.0

Authors

Xentropy ( @SamuelAnttila )
SecForce ( @SECFORCE_LTD )