rasta-mouse/MiscTools rasta-mouse/MiscTools

  • Stars
    star
    259
  • Rank 157,669 (Top 4 %)
  • Language
    C#
  • License
    GNU General Publi...
  • Created about 5 years ago
  • Updated about 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
rasta-mouse/MiscTools
github

rasta-mouse

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Miscellaneous Tools

MiscTools

CsExec

Command Exec / Lateral movement via PsExec-like functionality. Must be running in the context of a privileged user.

CsExec.exe <targetMachine> <serviceName> <serviceDisplayName> <binPath>

Also see TikiService.

CsPosh

Command Exec / Lateral Movement via PowerShell. Creates a PowerShell runspace on a remote target. Must be running in the context of a privileged user.

Usage:
  -t, --target=VALUE         Target machine
  -c, --code=VALUE           Code to execute
  -e, --encoded              Indicates that provided code is base64 encoded
  -o, --outstring            Append Out-String to code
  -r, --redirect             Redirect stderr to stdout
  -d, --domain=VALUE         Domain for alternate credentials
  -u, --username=VALUE       Username for alternate credentials
  -p, --password=VALUE       Password for alternate credentials
  -h, -?, --help             Show Help

CsWMI

Command Exec / Lateral Movement via WMI. Must be running in the context of a privileged user.

Current methods: ProcessCallCreate.

CsWMI.exe <targetMachine> <command> <method>

Also see The Return of Aggressor

CsDCOM

Command Exec / Lateral Movement via DCOM. Must be running in the context of a privileged user.

Current Methods: MMC20.Application, ShellWindows, ShellBrowserWindow, ExcelDDE.

Usage:
  -t, --target=VALUE         Target Machine
  -b, --binary=VALUE         Binary: powershell.exe
  -a, --args=VALUE           Arguments: -enc <blah>
  -m, --method=VALUE         Method: MMC20Application, ShellWindows,
                               ShellBrowserWindow, ExcelDDE
  -h, -?, --help             Show Help

CsEnv

Add user/machine/process environment variables.

CsEnv.exe <variableName> <value> <target>

Credits

Most code blatently stolen and adapted from:

More Repositories

1

Sherlock

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
PowerShell
1,831
star
2

Watson

Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
C#
1,491
star
3

TikiTorch

Process Injection
C#
748
star
4

SharpC2

Command and Control Framework written in C#
C#
338
star
5

AmsiScanBufferBypass

Bypass AMSI by patching AmsiScanBuffer
C#
235
star
6

Aggressor-Script

Collection of Aggressor Scripts for Cobalt Strike
PowerShell
172
star
7

CsWhispers

Source generator to add D/Invoke and indirect syscall methods to a C# project.
C#
147
star
8

EWSToolkit

Abusing Exchange via EWS
C#
146
star
9

DInvoke

Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
C#
130
star
10

RuralBishop

D/Invoke port of UrbanBishop
C#
102
star
11

PPEnum

Simple BOF to read the protection level of a process
C
95
star
12

SCMUACBypass

C++
88
star
13

SpawnWith

C++
84
star
14

ExternalC2.NET

.NET implementation of Cobalt Strike's External C2 Spec
C#
81
star
15

Fork-n-Run

C#
69
star
16

CollectorService

C#
50
star
17

Rosplant

C#
50
star
18

AsyncNamedPipes

Send and receive messages over Named Pipes asynchronously.
C#
39
star
19

AsyncSockets

Example of async client/server sockets in .NET 5
C#
16
star
20

Mjolnir

Shell
14
star
21

offensive-defence

HTML
13
star
22

McAfeeForOutlook

Beef hook OWA / Outlook
JavaScript
11
star
23

EncryptedKeyExchange

C#
11
star
24

p0wnedLoader

XSLT
9
star
25

SignalRDemo

C#
8
star
26

KerbTestApp

C#
7
star
27

SharpC2-Docs

Python
4
star
28

PacketAlchemy

Playing with packets in C#
C#
3
star
29

rastamouse.me

HTML
3
star
30

Invoke-XMRig

PowerShell
1
star