Awesome
Windows
Awesome tools to play with Windows !
List of tools used for exploiting Windows:
- Exploitation : Windows Software Exploitation
- hacking-team-windows-kernel-lpe : Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar.
- mimikatz : A little tool to play with Windows security - extract plaintexts passwords, hash, PIN code and kerberos tickets from memory.
- Pazuzu : Reflective DLL to run binaries from memory
- Potato : Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012
- UACME : Defeating Windows User Account Control
- Windows-Exploit-Suggester : This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Misc
- afot : Automation Forensics Tool for Windows
- Invoke-LoginPrompt : Invokes a Windows Security Login Prompt and outputs the clear text password
- PowerShellArsenal : A PowerShell Module Dedicated to Reverse Engineering
- Winpayloads : Undetectable Windows Payload Generation
PowerShell
- BloodHound : Six Degrees of Domain Admin
- Empire : Empire is a PowerShell and Python post-exploitation agent
- Generate-Macro : Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method
- Invoke-AltDSBackdoor : This script will obtain persistence on a Windows 7+ machine under both Standard and Administrative accounts by using two Alternate Data Streams
- Old-Powershell-payload-Excel-Delivery : This version touches disk for registry persistence
- PSRecon : PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team
- PowerShell-Suite : Some useful scripts in powershell
- PowerSploit : A PowerShell Post-Exploitation Framework
- PowerTools : A collection of PowerShell projects with a focus on offensive operations
- Powershell-C2 : A PowerShell script to maintain persistance on a Windows machine
- Powershell-Payload-Excel-Delivery : Uses Invoke-Shellcode to execute a payload and persist on the system
- mimikittenz : A post-exploitation powershell tool for extracting juicy info from memory.