Archive | Windows Hacking

Advertisements


26 January 2016 | 3,910 views

RWMC – Retrieve Windows Credentials With PowerShell

RWMC is a Windows PowerShell script written as a proof of concept to Retrieve Windows Credentials using only PowerShell and CDB command-line options (Windows Debuggers). It allows to retrieve credentials from Windows 2003 to 2012 and Windows 10 (It was tested on 2003, 2008r2, 2012, 2012r2 and Windows 7 – 32 and 64 bits, Windows […]

Continue Reading


09 January 2016 | 3,756 views

FastIR Collector – Windows Incident Response Tool

FastIR Collector is Windows incident response tool that offers the possibility to extract classic artefacts such as memory dump, auto-started software, MFT, MBR, Scheduled tasks, Services and records the results in csv files. The tool can also perform smart acquisitions thanks to the filecatcher, certificate filtering or support of Yara rules. The first part of […]

Continue Reading


29 December 2015 | 6,715 views

LaZagne – Password Recovery Tool For Windows & Linux

The LaZagne project is an open source password recovery tool used to retrieve passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases and so on). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, […]

Continue Reading


22 December 2015 | 2,268 views

PowerSploit – A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. Basically PowerSploit is a PowerShell Post-Exploitation Framework that helps you with various tasks like DLL injection, invoking shellcode and setting up script persistence. It also includes reflective PE injection and can reflectively load […]

Continue Reading


08 December 2015 | 2,447 views

SprayWMI – PowerShell Injection Mass Spray Tool

SprayWMI is a method for mass spraying Unicorn PowerShell injection to CIDR notations. It’s an alternative to traditional, ‘noisy’ tools which leave something on the disk like PsExec, smbexec, winexe and so on. These tools have worked really well, however, they are fairly noisy creating a service and touching disk which will trigger modern defense […]

Continue Reading


17 October 2015 | 3,407 views

windows-privesc-check – Windows Privilege Escalation Scanner

Windows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfiguration that could allow local unprivileged users to escalate privileges to other users or to access local applications (e.g. databases). Essentially it’s a Windows privilege escalation scanner, the Microsoft side of the World counterpart to unix-privesc-check – which we wrote about a […]

Continue Reading


01 October 2015 | 5,982 views

WinRAR Vulnerability Is Complete Bullshit

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation. I got interested (obviously..as that’s what I do here) and went to read about it, I have to call pretty sketchy, non-technical reporting from the The Register for once, it seems like […]

Continue Reading


22 September 2015 | 3,637 views

peinjector – MITM PE File Injector

The peinjector is a MITM PE file injector, the tool provides different ways to infect Windows platform executable files (PE COFF) with custom payloads without changing the original functionality. It creates patches, which are then applied seamlessly during file transfer. It is very performant, lightweight, modular and can be operated on embedded hardware. Features Full […]

Continue Reading


28 July 2015 | 6,267 views

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types. Techniques such […]

Continue Reading


04 June 2015 | 3,099 views

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows! A real show of support for open source technology and a […]

Continue Reading


Advertisements