Category: Tools

AV Evasion, Tools

New Powershell Mass Encrypt and Decrypt modules

PowerSploit’s Out-Encrypted.ps1 handles / encrypts one script at a time; encrypted file needs to be decrypted manually and then executed.

Wrote up new Powershell Mass Encrypt and Decrypt modules to handle your favorite set of powershell scripts easily.

Using PS-MassEncScript.ps1, encrypt multiple scripts with a password and a salt value, in one go. Use PS-DecScript.ps1 to decrypt & execute any of these encrypted files.

AV Evasion, Tools

Powersploit – AV Evasion

[Quick Notes] Powersploit – AV Evasion

On my pentest engagements, I primarily use Powershell (PS) & PS based exploitation tools & frameworks like CME, Empire, Powersploit, Nishang, Veil, etc, along with Metasploit & other tools.

This short writeup is one of the AV evasion scenarios. Posting here for reference.

Tools

[ICS] Meteocontrol WEB’log password extraction – Metasploit module

Meteocontrol WEB’log password extraction – Metasploit module
 
Posted here:
https://github.com/juushya/Scripts/
https://www.exploit-db.com/exploits/39822/

 

+++++

Cheers!

Tools

Metasploit module – Cisco Ironport Enum

Fellas, my new metasploit auxiliary module for Cisco Ironport appliances – WSA, SMA or ESA – is checked in this week’s update. This module automates fingerprinting and brute forcing of login accounts.

Tools

New Metasploit Modules

I wrote new Metasploit auxiliary modules & they landed at master branch recently.

http://www.metasploit.com/modules/auxiliary/scanner/http/sevone_enum
http://www.metasploit.com/modules/auxiliary/scanner/http/rfcode_reader_enum
http://www.metasploit.com/modules/auxiliary/scanner/http/infovista_enum

This next module for CA eHealth application –

Tools

Lynis v1.2.6 – Security & System Auditing Tool

Project information:

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.