Dviros / Credsleaker
Licence: mit
Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Stars: ✭ 247
Programming Languages
powershell
5483 projects
Projects that are alternatives of or similar to Credsleaker
Snoop
Snoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+258.7%)
Mutual labels: infosec, redteam
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-72.47%)
Mutual labels: infosec, redteam
Holisticinfosec For Webdevelopers Fascicle0
📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚
Stars: ✭ 37 (-85.02%)
Mutual labels: infosec, social-engineering
Mxtract
mXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+102.02%)
Mutual labels: redteam, credentials
Netpwn
Tool made to automate tasks of pentesting.
Stars: ✭ 152 (-38.46%)
Mutual labels: infosec, social-engineering
Nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+2306.07%)
Mutual labels: infosec, redteam
Awesome Social Engineering
A curated list of awesome social engineering resources.
Stars: ✭ 1,110 (+349.39%)
Mutual labels: infosec, social-engineering
linkedinscraper
LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-91.09%)
Mutual labels: infosec, redteam
Gitlab Watchman
Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-48.58%)
Mutual labels: infosec, redteam
Hershell
Hershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+78.95%)
Mutual labels: infosec, redteam
Chashell
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+200.4%)
Mutual labels: infosec, redteam
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+120.24%)
Mutual labels: infosec, redteam
Macro pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+334.01%)
Mutual labels: redteam, social-engineering
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+1404.05%)
Mutual labels: infosec, redteam
volana
🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-84.62%)
Mutual labels: infosec, redteam
Gorsh
A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-60.73%)
Mutual labels: infosec, redteam
Slack Watchman
Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-35.63%)
Mutual labels: infosec, redteam
CredsLeaker v4.x
A big shoutout to @ApSecDev who took this project to the next level!
Kudos!
This script used to display a powershell credentials box asked the user for credentials. However, That was highly noticeable. Now it's time to utilize Windows Security popup!
Features
- AD domain authentication validation.
- Tested on Windows 10 (1809, 1903, 1909) with Powershell version 5.1. Needs to be tested on 7\8\8.1\ Servers and different powershell versions.
- Can be modified (title, message etc.).
- Added WORKGROUP support (validation is done against the local SAM).
- Added parameters support. Now you can customize the messages, captions, IP's and ports from the command line.
Feature Additions in this fork
- Optimized for HID style scenerios
- Export to USB/CSV
- POST array and php handler for easy http customization
- Pipeline and dynamic switching between USB and HTTP export
- Timed delay for delayed deployment
- Delayed delivery of leaked credentials if delivery option unaccessible
- Config file to override default params pulled from USB first, Web second (if no USB). Pipeline option to override config file.
- Config file fully editable via web form (config.php) so script can be run completely on the fly with no need to alter command line params.
The box cannot be closed (only by killing the process) and will keep on checking the credentials against the DC. If credentials fail at the DC, then they are checked against local SAM so that local accounts are leaked even if the machine is a domain member. When validated, it will close and process via chosen method.
How To:
-
Start a web server and upload cl_reader.php, config.php, config.cl to desired path
-
Fill out parameter defaults in CredsLeaker.ps1
-
Edit Pipeline parameters in run.bat to desired scenerio
-
Execute run.bat file.
Thanks:
To Dviros for a great script that I have learned a ton from! To all my friends that helped to craft this script (specially @deanf)
Legal
This software is provided for educational use only (also with redteamers in mind). Don't use credsleaker without mutual consent. If you engage in any illegal activity the author does not take any responsibility for it. By using this software you agree with these terms.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].