CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS…

Read the full post at darknet.org.uk

Continue reading CrackMapExec – Active Directory Post-Exploitation Tool

Windows SMB Zero Day to Be Disclosed During DEF CON

Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON. Continue reading Windows SMB Zero Day to Be Disclosed During DEF CON

PowerOPS – PowerShell Runspace Portable Post Exploitation Tool

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell “easier”. PowerOPS is an application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a powershell runspace environment (.NET). It intends to include multiple offensive PowerShell modules to…

Read the full post at darknet.org.uk

Continue reading PowerOPS – PowerShell Runspace Portable Post Exploitation Tool