Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Mimikatz is a security research suite designed for auditing Windows authentication and managing system security configurations. It provides a comprehensive framework for extracting sensitive credentials, manipulating process privileges, and managing digital identity assets directly from system memory or offline memory dumps. The project distinguishes itself through advanced system-level exploitation techniques, including runtime process injection, API hooking, and the ability to bypass cryptographic export restrictions. It features a specialized toolkit for Kerberos protocol operations, allow
CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations. The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services. The system utilize
Rubeus is a comprehensive Kerberos attack toolkit for Active Directory environments, written in C#. It provides a full suite of operations for manipulating Kerberos tickets, exploiting delegation configurations, and performing credential attacks against Windows domains. The toolkit enables ticket extraction from logon sessions and memory, with real-time monitoring via Event Tracing for Windows. It supports forging golden and silver tickets with arbitrary privileges, as well as the creation of forged delegation contexts. Delegation attacks include abuse of constrained and unconstrained delegat
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment.
Las características principales de powershellmafia/powersploit son: Penetration Testing Suites, Offensive & Red Team Operations, Arbitrary, Windows Administration Utilities, Privilege Escalation Tools, Memory-Only Execution, Reflective Loading Mechanisms, Threat Simulation Tools.
Las alternativas de código abierto para powershellmafia/powersploit incluyen: samratashok/nishang — Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows… gentilkiwi/mimikatz — Mimikatz is a security research suite designed for auditing Windows authentication and managing system security… byt3bl33d3r/crackmapexec — CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security… ghostpack/rubeus — Rubeus is a comprehensive Kerberos attack toolkit for Active Directory environments, written in C#. It provides a full… empireproject/empire — Empire is a command and control framework and post-exploitation toolkit used for network penetration testing. It… fortra/impacket — Impacket is a collection of Python classes designed for the construction, manipulation, and analysis of low-level…