DeathStar is a Python script that uses Empire’s RESTful API to automate gaining Domain Admin rights in Active Directory environments using a variety of techniques.
How to Uninstall Avira 2016
In this tutorial you will learn how to uninstall Avira Antivirus from your system without leaving a single trace of it. Be sure to follow along with this guide, because there are a few small hitches at the end. How to Uninstall Avira Antivirus: Head over to the Windows Settings menu, choose System and then Apps …
Yeti – Open Distributed Threat Intelligence
What is this?
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don’t have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that your other tools can talk nicely to it.
mitmAP – Create Fake AP and Sniff Data
New in 2.0:
- SSLstrip2 for HSTS bypass
- Image capture with Driftnet
- TShark for command-line .pcap capture
Automated DLL Enumerator: rattler
Rattler helps identify which application DLLs are vulnerable to DLL preloading attacks. In a nutshell, DLL preloading attacks trick an application into loading and executing a malicious DLL from a location the attacker controls, because that location is searched before the legitimate DLL's directory. DLL preloading can result in privilege escalation, persistence and, in some cases, RCE. While preloading attacks are nothing new, some interesting results were found. For more information on DLL security, I found this link to be helpful.
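The check below is an added example, not rattler's code, and it uses a narrower, static technique than rattler's dynamic approach: it walks a PE file's import table with a minimal pure-Python parser and reports every statically imported DLL that is neither a KnownDLL nor shipped next to the executable. Under the default (SafeDllSearchMode) search order the application directory is searched before System32 for such a DLL, so anyone who can write to that directory can plant a file of that name ahead of the real one. The KnownDLLs set and the sample PE are constructed for the example (a real run would read HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs and list the real application directory); DLLs loaded at runtime via LoadLibrary are not visible to this check, which is exactly why rattler tests by loading DLLs rather than reading headers.

```python
import struct

# Constructed subset of KnownDLLs; a live check reads the registry key instead.
KNOWN_DLLS_SAMPLE = {"kernel32.dll", "user32.dll", "advapi32.dll",
                     "ntdll.dll", "ole32.dll"}


def parse_imports(data: bytes) -> list[str]:
    """Return the DLL names in the import directory of a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ)")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file (missing PE signature)")
    nsec = struct.unpack_from("<H", data, pe_off + 6)[0]      # NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]  # SizeOfOptionalHeader
    opt_off = pe_off + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]
    dd_off = opt_off + (96 if magic == 0x10B else 112)        # PE32 vs PE32+
    ndirs = struct.unpack_from("<I", data, dd_off - 4)[0]     # NumberOfRvaAndSizes
    if ndirs < 2:
        return []
    imp_rva, _imp_size = struct.unpack_from("<II", data, dd_off + 8)  # directory 1
    if imp_rva == 0:
        return []
    # Section table: needed to map RVAs to file offsets.
    sections = []
    sec_off = opt_off + opt_size
    for i in range(nsec):
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, sec_off + i * 40 + 8)
        sections.append((va, max(vsize, rawsize), rawptr))

    def rva2off(rva: int) -> int:
        for va, size, rawptr in sections:
            if va <= rva < va + size:
                return rva - va + rawptr
        raise ValueError(f"RVA {rva:#x} not in any section")

    names = []
    off = rva2off(imp_rva)
    while off + 20 <= len(data):
        oft, _ts, _fwd, name_rva, ft = struct.unpack_from("<IIIII", data, off)
        if oft == 0 and name_rva == 0 and ft == 0:           # all-zero terminator
            break
        noff = rva2off(name_rva)
        names.append(data[noff:data.index(b"\0", noff)].decode("ascii"))
        off += 20
    return names


def preload_candidates(imports, app_dir_files, known_dlls=KNOWN_DLLS_SAMPLE):
    """Imports that are not KnownDLLs and not present beside the EXE."""
    shipped = {f.lower() for f in app_dir_files}
    known = {k.lower() for k in known_dlls}
    return sorted({d.lower() for d in imports
                   if d.lower() not in known and d.lower() not in shipped})


def build_sample_pe(dll_names) -> bytes:
    """Construct a minimal PE32 with one section holding an import directory."""
    n = len(dll_names)
    base = 0x1000 + 20 * (n + 1)                 # names follow the descriptors
    names_blob, name_rvas = b"", []
    for name in dll_names:
        name_rvas.append(base + len(names_blob))
        names_blob += name.encode("ascii") + b"\0"
    descs = b"".join(struct.pack("<IIIII", 0, 0, 0, rva, 0) for rva in name_rvas)
    section = descs + b"\0" * 20 + names_blob
    raw_size = (len(section) + 0x1FF) & ~0x1FF
    section = section.ljust(raw_size, b"\0")
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)          # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 104, 0x1000, 20 * (n + 1))   # import directory
    sec = struct.pack("<8sIIIIIIHHI", b".idata", raw_size, 0x1000, raw_size,
                      0x200, 0, 0, 0, 0, 0x40000040)
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + sec).ljust(0x200, b"\0")
    return headers + section


def demo() -> list[str]:
    # Constructed sample: an app importing two KnownDLLs, two non-KnownDLLs
    # that live in System32, and one DLL that ships in its own directory.
    exe = build_sample_pe(["KERNEL32.dll", "USER32.dll", "dwmapi.dll",
                           "version.dll", "vendorlog.dll"])
    app_dir = ["app.exe", "vendorlog.dll"]
    return preload_candidates(parse_imports(exe), app_dir)


if __name__ == "__main__":
    for dll in demo():
        print("preload candidate:", dll)
```

Only the two DLLs that are resolved from System32 at runtime are reported; the KnownDLLs are served from the loader's section object regardless of the search path, and vendorlog.dll already sits in the application directory (whether that directory is writable is a separate ACL check).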
Microsoft CNG/CryptoAPI Tor Protocol Implementation PoC
mini-tor is a proof-of-concept utility for accessing internet content and hidden service content (.onion) via Tor routers. The utility aims for the smallest possible size (currently ~47 KB, ~20 KB compressed with kkrunchy), which is achieved by using Microsoft CryptoAPI/CNG instead of embedding OpenSSL.