Home

Awesome

SharpToolsAggressor

SharpEventLog: Windows Login EventLog

Get Windows Login EventLog:Login success:4624 And Login Failure:4625 c# 读取登录过本机的登录失败或登录成功(4624,4625)的所有计算机信息,在内网渗透中快速定位运维管理人员。 https://github.com/uknowsec/SharpEventLog

SharpWebScan: A Multi Port Web Title Scanner

https://github.com/RcoIl/CSharp-Tools/tree/master/SharpWebScan

SharpAVKB: GetWindowsAnti-VirusSoftware And GetWindowsKernelExploitsKB

Windows杀软对比和补丁号对比 https://github.com/uknowsec/SharpAVKB

SharpSQLTools: Command Line SQLTools

命令行版SQLTools https://github.com/uknowsec/SharpSQLTools

SharpDecryptPwd: DecryptPwd:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager

对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。 https://github.com/uknowsec/SharpDecryptPwd

SharpDomainSpray: SharpDomainSpray is a very simple password spraying tool written in .NET. It takes a password then finds users in the domain and attempts to authenticate to the domain with that given password.

https://github.com/RcoIl/CSharp-Tools/tree/master/SharpDomainSpray

SharpCheckInfo: Information Gathering

收集目标主机信息,包括最近打开文件,系统环境变量和回收站文件等等 https://github.com/uknowsec/SharpCheckInfo

Net-GPPPassword: .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy Preferences.

https://github.com/outflanknl/Net-GPPPassword

SharpSQLDump:Quickly locate valuable data in database

内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。

https://github.com/uknowsec/SharpSQLDump

SharpNetCheck:Quickly Net Check

在内网渗透过程中,对可以出网的机器是十分渴望的。在收集大量弱口令的情况下,一个一个去测试能不能出网太麻烦了。所以就有了这个工具,可配合如wmiexec、psexec等横向工具进行批量检测,该工具可以在dnslog中回显内网ip地址和计算机名,可实现内网中的快速定位可出网机器。

https://github.com/uknowsec/SharpNetCheck

SharpWeb: retrieve saved logins from Google Chrome, Firefox, Internet Explorer and Microsoft Edge. In the future, this project will be expanded upon to retrieve Cookies and History items from these browsers.

https://github.com/djhohnstein/SharpWeb