3 repository-uri
Modules for testing credentials against Server Message Block (SMB) file shares.
Distinguishing note: No candidates accurately capture the act of attacking SMB authentication specifically.
Explore 3 awesome GitHub repositories matching security & cryptography · SMB Attack Modules. Refine with filters or upvote what's useful.
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f
Verifies workgroup and user credentials against remote SMB2 file shares to identify valid pairs.
WinPwn is a Windows penetration testing framework and security toolkit designed for auditing Active Directory and exploiting Windows environments. It provides a collection of automated tools and scripts for domain enumeration, credential theft, and privilege escalation. The toolkit distinguishes itself through capabilities for neutralizing antimalware scanning interfaces to evade detection and providing offline binary packaging for execution on isolated systems without internet access. It also includes specialized utilities for intercepting and relaying SMB authentication traffic to gain unau
Intercepts and relays SMB authentication traffic using session management to gain unauthorized network access.
WinPwn is a Windows penetration testing framework designed for conducting internal security assessments and privilege escalation. It functions as a suite for Active Directory security auditing, credential extraction, and the execution of privilege escalation scripts. The toolset enables the automation of SMB relay attacks to intercept and reuse authentication hashes. It provides specialized capabilities for retrieving passwords and hashes from system memory, registries, and browsers using obfuscated techniques to avoid detection. The framework covers broad capability areas including domain a
Intercepts and reuses authentication hashes via SMB-Relay attacks to access network resources.