From 56382fd6f5ce6d8778f25bf7c787fc976c45c315 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 27 Jun 2022 22:09:29 +0700 Subject: [PATCH] Add: leechristensen/SpoolSample to Credential Access section --- Offensive.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Offensive.md b/Offensive.md index bd2c961..9ec95d6 100644 --- a/Offensive.md +++ b/Offensive.md @@ -2195,6 +2195,10 @@ Some tools can be categorized in more than one category. But because the current KoreLogicSecurity/wmkick WMkick is a TCP protocol redirector/MITM tool that targets NTLM authentication message flows in WMI (135/tcp) and Powershell-Remoting/WSMan/WinRM (5985/tcp) to capture NetNTLMv2 hashes. + + leechristensen/SpoolSample + PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well. + Luct0r/KerberOPSEC OPSEC safe Kerberoasting in C# @@ -2308,6 +2312,10 @@ Some tools can be categorized in more than one category. But because the current shantanu561993/SharpLoginPrompt This Program creates a login prompt to gather username and password of the current user. This project allows red team to phish username and password of the current user without touching lsass and having adminitrator credentials on the system. + + ShutdownRepo/ShadowCoerce + + ShutdownRepo/smartbrute Password spraying and bruteforcing tool for Active Directory Domain Services