Overview CrackMapExec (CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Livin...

Overview SecretsDump performs various techniques to dump secrets from the remote machine without executing any agent there. For SAM and LSA Secrets (including cached creds) we try to read as much ...

Overview Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. 1. Certain products c...

Overview HashCat is a password cracking utility that allows various offline password attacks in order to reveal plaintext passwords from collection password hashes. Tool Name ...

Overview PowerShell-Empire is a post-exploitation framework that is built upon a large collection of PowerShell modules and scripts. It also contains various scripts written in C# and Python that ...

Overview MITM6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a li...

Overview SrumECmd is a command line tool developed by Eric Zimmerman, to process the SRUM Database on Windows operating systems, identifying items such as: Executable filepaths Timestamps of...

Overview PHP is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular we...

Overview PHP, as many other languages, allows the inclusion of files in order to provide or extend the functionality of the current file 1. Local File Inclusion (LFI) attacks can exploit this file...

Overview My girlfriend was today playing an iOS game downloaded through the app store that presented a popup stating that her iPhone had been hacked! It is not unusual for free game downloaded to ...