[Tools][Windows] eladshamir/Internal-Monologue

2025-01-12 08:09:31 -05:00 · 2018-03-29 23:36:10 +07:00 · 2018-03-29 23:36:10 +07:00 · be995ba9a9
commit be995ba9a9
parent a03d7a1881
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1600,6 +1600,10 @@ My curated list of awesome links, resources and tools
        <td><a href="https://github.com/DanMcInerney/icebreaker">DanMcInerney/icebreaker</a></td>
        <td>Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/eladshamir/Internal-Monologue">eladshamir/Internal-Monologue</a></td>
+        <td>Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/google/sandbox-attacksurface-analysis-tools">google/sandbox-attacksurface-analysis-tools</a></td>
        <td>This is a small suite of tools to test various properties of sandboxes on Windows. Many of the checking tools take a -p flag which is used to specify the PID of a sandboxed process. The tool will impersonate the token of that process and determine what access is allowed from that location. Also it's recommended to run these tools as an administrator or local system to ensure the system can be appropriately enumerated.</td>