A BloodHound collector for Microsoft Configuration Manager
https://github.com/CrowdStrike/sccmhound
https://github.com/CrowdStrike/sccmhound
Peneter Tools
@peneter_tools
https://soheilsec.com
https://blog.peneter.com
@learnpentest
@peneter_com
@Peneter_News
@Peneter_Tools
@Peneter_Media
آموزش امنیت
https://www.youtube.com/@soheilsec
اخبار امنیت
https://www.youtube.com/@Peneter
Peneter Tools (Persian)
به کانال تلگرامی Peneter Tools خوش آمدید! این کانال یک منبع برتر برای آموزشها، اخبار و ابزارهای مرتبط با امنیت سایبری میباشد. در اینجا شما میتوانید آخرین اخبار امنیتی، مقالات تخصصی، ویدیوهای آموزشی و ابزارهای مورد نیاز برای انجام تست نفوذ و ارزیابی امنیتی را پیدا کنید. اگر به یادگیری تست نفوذ علاقهمند هستید، این کانال یک منبع بینظیر برای شروع و گامهای بعدی شما خواهد بود. با دنبال کردن این کانال، میتوانید از تجربیات حرفهای افراد صاحب نام در حوزه امنیت سایبری بهرهمند شوید و از جدیدترین ابزارها و تکنیکهای مورد استفاده در صنعت امنیت مطلع شوید. به Peneter Tools بپیوندید و به جامعهای پر از دانش امنیتی بپیوندید. برای دسترسی به آموزشها و مطالب بیشتر، حتما وبسایتهای معتبر ما را نیز دنبال کنید. همچنین، از کانالهای دیگر ما نیز با نامهای @learnpentest، @peneter_com، @Peneter_News و @Peneter_Media دیدن فرمایید. با ما همراه شوید تا به جهان پیچیده و متلاطم امنیت سایبری بهترین پاسخ را دهیم و همیشه یک گام جلوتر از تهدیدات امنیتی باشیم. پیوسته در کنار شما خواهیم بود تا امنیت دیجیتال خود را تضمین کنید. ما را در وبسایتهای https://soheilsec.com و https://blog.peneter.com دنبال کنید و ویدیوهای مفید ما را از https://www.youtube.com/@soheilsec و https://www.youtube.com/@Peneter تماشا کنید.
Peneter Tools
15 Dec, 19:17
A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and indirect NTAPIs for core operations.
https://github.com/safedv/RustSoliloquy
https://github.com/safedv/RustSoliloquy
Peneter Tools
14 Dec, 03:57
PendingFileRenameOperations + Junctions EDR Disable
https://github.com/rad9800/FileRenameJunctionsEDRDisable
https://github.com/rad9800/FileRenameJunctionsEDRDisable
Peneter Tools
12 Dec, 18:04
An advanced lateral movement technique to upload and execute custom payloads on remote targets.
Blog: https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor
https://github.com/deepinstinct/DCOMUploadExec
Blog: https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor
https://github.com/deepinstinct/DCOMUploadExec
Peneter Tools
06 Dec, 18:31
take ovet microsoft sccm
https://github.com/subat0mik/Misconfiguration-Manager/blob/main/attack-techniques/TAKEOVER/TAKEOVER-1/takeover-1_description.md
https://github.com/subat0mik/Misconfiguration-Manager/blob/main/attack-techniques/TAKEOVER/TAKEOVER-1/takeover-1_description.md
Peneter Tools
06 Dec, 18:24
ActiveScan++ Burp Suite Plugin
https://github.com/albinowax/ActiveScanPlusPlus
https://github.com/albinowax/ActiveScanPlusPlus
Peneter Tools
06 Dec, 17:19
Boot Execute allows native applications—executables with the NtProcessStartup entry point and dependencies solely on ntdll.dll—to run prior to the complete initialization of the Windows operating system.
https://github.com/rad9800/BootExecuteEDR
https://github.com/rad9800/BootExecuteEDR
Peneter Tools
06 Dec, 16:48
kapersky open-sourced GReAT’s plugin for the IDA Pro decompiler - an indispensable set of tools for analyzing malware, shellcodes, etc. Grab our secret ingredient for reverse engineering and check out the GIFs demonstrating its usage
https://github.com/KasperskyLab/hrtng
https://github.com/KasperskyLab/hrtng
Peneter Tools
27 Nov, 19:41
Test & upgrade your Linux security with:
- 31 persistence modules & 50+ techniques
- Easily revert changes post-testing
- Map to MITRE ATT&CK
- 10+ fresh additions: LD_PRELOAD, PAM backdoors, rootkits, and more!
https://github.com/Aegrah/PANIX
- 31 persistence modules & 50+ techniques
- Easily revert changes post-testing
- Map to MITRE ATT&CK
- 10+ fresh additions: LD_PRELOAD, PAM backdoors, rootkits, and more!
https://github.com/Aegrah/PANIX
Peneter Tools
25 Nov, 17:46
KrbRelayEx is a tool designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets. It listens for incoming SMB connections and forwards the AP-REQ to the target host, enabling access to SMB shares or HTTP ADCS (Active Directory Certificate Services) endpoints on behalf of the targeted identity.
https://github.com/decoder-it/KrbRelayEx
https://github.com/decoder-it/KrbRelayEx
Peneter Tools
25 Nov, 16:45
ShadowHound: A SharpHound Alternative Using Native PowerShell
https://github.com/Friends-Security/ShadowHound
blog:
https://blog.fndsec.net/2024/11/25/shadowhound/
https://github.com/Friends-Security/ShadowHound
blog:
https://blog.fndsec.net/2024/11/25/shadowhound/
Peneter Tools
25 Nov, 08:36
shellcode loader :
https://github.com/NtDallas/Ulfberht
https://github.com/xuanxuan0/DripLoader
https://github.com/NtDallas/Ulfberht
https://github.com/xuanxuan0/DripLoader
Peneter Tools
23 Nov, 03:38
A #Mythic Agent written in fully position independent (#PIC) C (plus a tiny bit of C++). It is based off the Stardust template created by C5pider.
https://github.com/MythicAgents/Hannibal
Articles:
• https://silentwarble.com/posts/making-monsters-1/
• https://silentwarble.com/posts/making-monsters-2/
• https://silentwarble.com/posts/making-monsters-3/
https://github.com/MythicAgents/Hannibal
Articles:
• https://silentwarble.com/posts/making-monsters-1/
• https://silentwarble.com/posts/making-monsters-2/
• https://silentwarble.com/posts/making-monsters-3/
Peneter Tools
23 Nov, 03:35
CVE-2024-48990: Linux LPE via needrestart
PATCHED: Nov 19, 2024
PoC: https://github.com/makuga01/CVE-2024-48990-PoC
Info: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
PATCHED: Nov 19, 2024
PoC: https://github.com/makuga01/CVE-2024-48990-PoC
Info: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
Peneter Tools
17 Nov, 07:24
TokenCert is a C# tool that will create a network token (LogonType 9) using a provided certificate via PKINIT. This way, we can have a make-token functionality using certificates instead of passwords. The tool was created after reading the excellent post "Understanding and evading Microsoft Defender for Identity PKINIT detection".
https://github.com/nettitude/TokenCert
https://github.com/nettitude/TokenCert
Peneter Tools
15 Nov, 17:54
fortimanager rce cve-2024-47575
https://github.com/rapid7/metasploit-framework/pull/19648
https://github.com/rapid7/metasploit-framework/pull/19648
Peneter Tools
15 Nov, 14:52
Complete list of LPE exploits for Windows (starting from 2023)
https://github.com/MzHmO/Exploit-Street
https://github.com/MzHmO/Exploit-Street
Peneter Tools
11 Nov, 02:48
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.
https://github.com/Offensive-Panda/ShadowDumper
https://github.com/Offensive-Panda/ShadowDumper
Peneter Tools
21 Oct, 08:40
USB Army Knife – the ultimate close access tool for penetration testers and red teamers.
https://github.com/i-am-shodan/USBArmyKnife
https://github.com/i-am-shodan/USBArmyKnife
1,200
subscribers
20
photos
3
videos
