Archive | Windows Hacking


17 October 2015 | 2,892 views

windows-privesc-check – Windows Privilege Escalation Scanner

Windows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfiguration that could allow local unprivileged users to escalate privileges to other users or to access local applications (e.g. databases). Essentially it’s a Windows privilege escalation scanner, the Microsoft side of the World counterpart to unix-privesc-check – which we wrote about a […]

Continue Reading

01 October 2015 | 5,601 views

WinRAR Vulnerability Is Complete Bullshit

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation. I got interested ( that’s what I do here) and went to read about it, I have to call pretty sketchy, non-technical reporting from the The Register for once, it seems like […]

Continue Reading

22 September 2015 | 3,172 views

peinjector – MITM PE File Injector

The peinjector is a MITM PE file injector, the tool provides different ways to infect Windows platform executable files (PE COFF) with custom payloads without changing the original functionality. It creates patches, which are then applied seamlessly during file transfer. It is very performant, lightweight, modular and can be operated on embedded hardware. Features Full […]

Continue Reading

28 July 2015 | 4,494 views

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types. Techniques such […]

Continue Reading

04 June 2015 | 3,055 views

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows! A real show of support for open source technology and a […]

Continue Reading

25 April 2015 | 705 views

OAT – Microsoft OCS Assessment Tool (Office Communication Server)

OAT is an Open Source Microsoft OCS Assessment Tool designed to check the password strength of Lync and Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates potential UC attacks that can be performed by legitimate users if proper security controls are not in place. We first wrote about OAT when it […]

Continue Reading

17 February 2015 | 7,388 views

Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions

Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos […]

Continue Reading

03 February 2015 | 4,681 views

SnoopyPro – Windows USB Sniffer Tool

SnoopyPro is a lightweight, standalone (no installation necessary) USB sniffer tool, it will log all data exchange between USB Device and its driver under a Windows environment. It definitely works on Windows XP, unsure about newer versions. SnoopyPro allows you to intercept, display, record and analyze USB protocol and all the data transferred between any […]

Continue Reading

20 November 2014 | 1,434 views

Sparty – MS Sharepoint and Frontpage Auditing Tool

Sparty is an open source Sharepoint and Frontpage auditing tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the complex nature of these web […]

Continue Reading

13 November 2014 | 2,999 views

Microsoft Schannel Vulnerabilty – Patch It NOW

So yah, it seems like every implementation of TLS is broken and some may say this Microsoft Schannel vulnerabilty is actually worse than Heartbleed. Why is it worse you ask? Because it allows remote code execution, which honestly – is about as bad as it gets. This is a critical update, a really, really critical […]

Continue Reading