Gibson> Download Garbage
Tools

A collection of tools which have proved useful either in their own right or as a starting point for other projects.


Last updated 4 years ago


Intelligence gathering

UhOh365

Office 365 email address enumeration

Initial access

Evilginx

Reverse proxy that logs credentials, 2FA tokens and session tokens. Written in Go.

Modlishka

Reverse proxy that logs credentials.

SpoofCheck

Quick check for DNS entries relating to SPF and DMARC to determine if a domain has implemented mail spoofing protections.

Execution

PEzor2

Binary to .NET binary

Credential Access

SprayingToolkit

Password spraying tool for Lync/S4B & OWA

Kerbrute

Kerberos brute forcing

https://github.com/phra/PEzor/blob/master/aggressor/PEzor.cna
https://github.com/phra/PEzor
GitHub - Xenov-X/UhOh365: A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
GitHub - kgretzky/evilginx2: Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
GitHub - drk1wi/Modlishka: Modlishka. Reverse Proxy.
GitHub - BishopFox/spoofcheck: Simple script that checks a domain for email protections
GitHub - byt3bl33d3r/SprayingToolkit: Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
GitHub - ropnop/kerbrute: A tool to perform Kerberos pre-auth bruteforcing