GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → GoFetchAD → Gofetch

GoFetchAD / Gofetch

Licence: other
GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.

Programming Languages

powershell
5483 projects

Labels

securityactive-directory

Projects that are alternatives of or similar to Gofetch

PowEnum
Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.
Stars: ✭ 62 (-88.58%)
Mutual labels:  active-directory
Pywerview
A (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (-46.22%)
Mutual labels:  active-directory
Plumhound
Bloodhound for Blue and Purple Teams
Stars: ✭ 452 (-16.76%)
Mutual labels:  active-directory
active-directory-integration2
WordPress plug-in "Next Active Directory Integration"
Stars: ✭ 51 (-90.61%)
Mutual labels:  active-directory
itops
基于Python + Django的AD\Exchange管理系统
Stars: ✭ 113 (-79.19%)
Mutual labels:  active-directory
Laravel Enterprise Starter Kit
👔 Enterprise Web application starter kit or template using Laravel
Stars: ✭ 356 (-34.44%)
Mutual labels:  active-directory
cracke-dit
cracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
Stars: ✭ 102 (-81.22%)
Mutual labels:  active-directory
Crackmapexec
A swiss army knife for pentesting networks
Stars: ✭ 5,445 (+902.76%)
Mutual labels:  active-directory
Kerberos.net
A Kerberos implementation built entirely in managed code.
Stars: ✭ 268 (-50.64%)
Mutual labels:  active-directory
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-29.65%)
Mutual labels:  active-directory
werther
An Identity Provider for ORY Hydra over LDAP
Stars: ✭ 103 (-81.03%)
Mutual labels:  active-directory
Server-Help
💻 This VSTO Add-In allows the user to ping a list of servers and creates a file for Microsoft Remote Desktop Manager an Excel table. This is used for quickly determining which servers are offline in a list. It is written in 3 different versions as a VSTO Add-In in C# and VB.NET as well as a VBA Add-In.
Stars: ✭ 21 (-96.13%)
Mutual labels:  active-directory
Hunter
(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-33.89%)
Mutual labels:  active-directory
OpenAM
OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.
Stars: ✭ 476 (-12.34%)
Mutual labels:  active-directory
Darthsidious
Building an Active Directory domain and hacking it
Stars: ✭ 479 (-11.79%)
Mutual labels:  active-directory
PowerShellGUI
PowerShell scripts that generate Graphical User Interface (GUI)
Stars: ✭ 17 (-96.87%)
Mutual labels:  active-directory
Pode
Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
Stars: ✭ 329 (-39.41%)
Mutual labels:  active-directory
Aclight
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
Stars: ✭ 536 (-1.29%)
Mutual labels:  active-directory
Orgkit
Provision a brand-new company with proper defaults in Windows, Offic365, and Azure
Stars: ✭ 490 (-9.76%)
Mutual labels:  active-directory
Vulnerable Ad
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (-33.7%)
Mutual labels:  active-directory
View All Similar Projects ➔

GoFetch

GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.

GoFetch first loads a path of local admin users and computers generated by BloodHound and converts it to its own attack plan format. Once the attack plan is ready, GoFetch advances towards the destination according to plan step by step, by successively applying remote code execution techniques and compromising credentials with Mimikatz.

Watch Invoke-GoFetch in action

GoFetch has two different versions:

Chain reaction:

Invoke-GoFetch (written in PowerShell to avoid Python installation prereq), implements a recursion that reads the full path, dumps the relevant credentials with Invoke-Mimikatz, and then copy and execute itself using Invoke-PsExec on the next relevant machine guided by the network path.

One computer to rule them all:

Python based code (a video of this version demonstrated at BlackHat Europe 2016), using a technique where one centralized computer is doing the job of connecting to each computer in the path, in the right order, to steal credentials (using Mimikatz), and use them to connect to the next machine in the path.

Getting started with Invoke-GoFetch

Place GoFetch folder on the first machine of the attack path, in a session of the first user.

Parameters

  • -PathToGraph - Path to the BloodHound exported Graph which includes a path between two users.

  • -PathToPayload (optional) -
    Path to local payload file .exe/.bat/.ps1 to run on next nodes in the path.

Examples

  • Usage to get the credentials along the path:
.\Invoke-GoFetch.ps1 -PathToGraph .\pathFromBloodHound.json
  • Usage to get the credentails along the path and execute additional payload on each:
.\Invoke-GoFetch.ps1 -PathToGraph .\graphExample.json -PathToPayload .\payload.exe

Prerequisites

  • Invoke-GoFetch is able to run from any version of Windows through Windows 7 that has PowerShell v2 or higher installed and .Net 3.5 or higher.
  • Invoke-Mimikatz - is included with a change in the Mimikatz DLL which allows the execution of the PowerShell file with additional arguments.
  • Invoke-Psexec - is included without changes.

Logic

Alt text

Contributers

See also the list of contributors who participated in this project.

Acknowledgments

Thanks for great tools that reminds us every day to secure our machines.

License

This project is licensed under the MIT License - see the LICENSE.md file for details

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].