CVE-2022-33679

impacket编程手册

impacket编程手册 author:鲁平 个人公众号：Security丨Art，欢迎大佬前来批评指教 impacket包是一个常用的“域渗透工具包”,在他的example文件夹下有很多利用该工具包对域控进行操作的脚本，基本满足域渗透需求 也是因为这个原因导致网上的文章全是介绍他的示例文件的使用的文章，而�

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

linWinPwn - Swiss-Army knife for Active Directory Pentesting Description linWinPwn is a bash script that wraps a number of Active Directory tools for enumeration (LDAP, RPC, ADCS, MSSQL, Kerberos), vulnerability checks (noPac, ZeroLogon, MS17-010, MS14-068), object modifications (password change, add user to group, RBCD, Shadow Credentials) and password dumping (secretsdump, ls

linWinPwn Description linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks The script uses a number of tools and serves as wrapper of them Tools include: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump, certipy, silenthound, and others linWinPwn is particularly useful when you hav

Simple Bash script to download/Install and organize all kali linux missing RedTeam/BBH tools in one directory

EvilKali EvilKali is a Bash script that automates the download and installation of various penetration testing tools The purpose of the script is to create an environment with all the necessary tools for Red Teaming and Application Security Usage /evilkalish ___________ ____ ____ __ __ __ \_ _____/__ _|__| | | |/ _|____ | | |__| | __)_\ \/

One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

CVE-2022-33679 One day based on googleprojectzeroblogspotcom/2022/10/rc4-is-still-considered-harmfulhtml Usage usage: CVE-2022-33079py [-h] [-ts] [-debug] [-dc-ip ip address] target serverName Example

One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

CVE-2022-33679 One day based on googleprojectzeroblogspotcom/2022/10/rc4-is-still-considered-harmfulhtml Usage usage: CVE-2022-33079py [-h] [-ts] [-debug] [-dc-ip ip address] target serverName Example

poc of CVE-2022-33679

CVE-2022-33679 poc of CVE-2022-33679

Kerberos_CVE-2022-33679 REQUIREMENTS impacket==0100 arc4==030 USE case: CVE-2022-33079py [-h] [-ts] [-debug] [-dc-ip ip address] target serverName

Typical pentesting way

githubcom/NotMedic/NetNTLMtoSilverTicket Gunnajs-Playbook How to pentest like a Gunnaj Toolbox Utils NMAP nmaporg/ linWinPwn - Active Directory Vulnerability Scanner githubcom/lefayjey/linWinPwn Installation Install the dependency NetExec apt install pipx git pipx ensurepath pipx install git+githubcom/Pennyw0rth/NetExec

linWinPwn Description linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks The script uses a number of tools and serves as wrapper of them Tools include: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump, certipy, silenthound, and others linWinPwn is particularly useful when you hav

ad vulnerability scanner

AD高危漏洞扫描/利用工具   AD高危漏洞扫描/利用工具, 对AD高危漏洞进行快速批量检测。 模式 单机检测   未指定批量检测相关参数时, 默认使用该模式。 批量检测   当指定相关参数时(-all-dc/-tf), 启用批量检测模式, 在该模式下, 未指定目标ip文件时, 将通过dns解析域名

Typical pentesting way

githubcom/NotMedic/NetNTLMtoSilverTicket Gunnajs-Playbook How to pentest like a Gunnaj Toolbox Utils NMAP nmaporg/ linWinPwn - Active Directory Vulnerability Scanner githubcom/lefayjey/linWinPwn Installation Install the dependency NetExec apt install pipx git pipx ensurepath pipx install git+githubcom/Pennyw0rth/NetExec