• Stars
    star
    162
  • Rank 232,284 (Top 5 %)
  • Language
    PowerShell
  • Created over 7 years ago
  • Updated over 7 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)

NTLMInjector

In case you didn't now how to restore the user password after you have done a user password resset (Reminder: get the hash previous with DCSync as domain admin)

Right required: user reset password (no domain admin) Works remotely

Done using SamSetInformationUser(SAMPR_USER_INTERNAL1_INFORMATION)

Know caveat: Kerberos AES256 (and other special keys) not changed

SetNTLM

Change the password based on the user hash (or password) Bonus: bypass security policies for checking password strength

(but avoid security filter which can cause problem when synchronizing password in Enterprise environment)

More Repositories

1

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time
C#
2,140
star
2

MakeMeEnterpriseAdmin

PowerShell
251
star
3

SpoolerScanner

Check if MS-RPRN is remotely available with powershell/c#
PowerShell
173
star
4

PingCastleCloud

Audit program for AzureAD
C#
144
star
5

SmbScanner

Smb Scanner from PingCastle
PowerShell
118
star
6

GidsApplet

Generic Identity Device Specification Applet
Java
101
star
7

ms17-010-Scanner

PowerShell
59
star
8

DetectPasswordViaNTLMInFlow

Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test passwords
C++
57
star
9

TestAntivirus

Test if an antivirus is installed via the resolution of the service virtual SID
PowerShell
54
star
10

Bluekeep-scanner

BlueKeep powershell scanner (based on c# code)
PowerShell
40
star
11

OpenPGP-CSP

A CSP for the OpenPGP card - goal: add write support for certificate enrollment
C++
37
star
12

RPCForSMBLibrary

Extension of SMBLibrary for RPC calls
C#
33
star
13

OxidBindings

Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
PowerShell
24
star
14

ADSecrets

Set of ultra technical notes about AD
C#
18
star
15

openpgpmdrv

OpenPGP smart card minidriver
C
10
star
16

SubAuth

Sub Authentication package (for the talk you "try" to detect mimikatz)
C++
5
star
17

Cyrating2TH

Cyrating Reputation alert importer for TheHive, an Open Source and Free Security Incident Response Platform
Python
5
star
18

PingCastlePatrOwl

An Engine for PatrOwl allowing to run PingCastle scans
C#
4
star
19

PINSniff

capture smart card pin via a filter driver (demo of you "try" to detect mimikatz)
C
3
star
20

PingCastlePowerBIConnector

PowerBI Connector for PingCastle Enterprise
2
star
21

conferences

1
star
22

ExploitIncomingForestTrustBuilder

C++
1
star