blackarrowsec/Handly

Stars
130
Rank 277,575 (Top 6 %)
Language
C#
License
Apache License 2.0
Created 12 months ago
Updated 12 months ago

blackarrowsec/Handly

blackarrowsec

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Abuse leaked token handles.

Handly

Leverage leaked token handles to perform privilege escalation. This technique has been detailed in this post.

The technique is implemented for the following technologies:

IIS: A simple ASPX webshell is provided that lists the available user tokens and allows to impersonate them to run an arbitrary executable present in the compromised host.
MSSQL: A python script is provided that will load several C# assemblies, allowing to manipulate the user tokens available in the MSSQL's process memory.

redteam-research

Collection of PoC and offensive techniques used by the BlackArrow Red Team

mssqlproxy

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

pivotnacci

A tool to make socks connections through HTTP agents

EAP_buster

EAP_buster is a simple bash script that lists what EAP methods are supported by the RADIUS server behind a WPA-Enterprise access point

wappy

Discover web technologies in web applications from your terminal

malware-research

Malware campaigns and APTs research by BlackArrow

advisories

Advisories and Proofs of Concept by BlackArrow

wap

Wappalyzer python library

fozar

Fozar allows you to traverse commits across multiple repositories matching against user supplied regex

tactical-hunting

EDR-Evaluation-Methodology

This project implements a methodology for evaluating EDR solutions according to our Threat Hunting model