Python3 tool to perform password spraying against Microsoft Online service using various methods.Īctive Directory Integrated DNS dumping by any authenticated user.ĪDM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Simple admin panel finder for php,js,cgi,asp and aspx admin panels. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interfaceĪctive Directory ACL exploitation with BloodHound.Īn LDAP based Active Directory user and group enumeration tool.Īctive Directory Assessment and Privilege Escalation Script.Ī pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.
Ssh – you can specify the protocol being used.Web security tool to make fuzzing at HTTP inputs, made in C with libCurl.īypassing WAF by abusing SSL/TLS Ciphers.Ī password dictionary attack tool that targets windows authentication via the SMB protocol.Īutomated Corporate Enumerator. t target, The IP address of host name of the target l telling Hydra you will provide a static login (you can use a file for multiple usernames instead). The options in Hydra are very straightforward: Hydra can be used to brute-force the following services:Īs a password/ log on cracker (hacking tool) – Hydra has been tested on the following protocols: afp Hydra is able to use external files for passwords, usernames, or username and password combinations.
(Similar projects and tools include medusa and John The Ripper). Hydra is very well-known and respected network log on cracker which can support many different services. Or another way, this presents a list if IPs that have SSH up: All of this along with the version of SSH that the server is running is output to a text file ssh_hosts: Here’s a simple example that will scan all computers on the subnet and report any devices listening on port 22. We are going to scan for the entire 10.1.100/24 subnet, but we could also scan for single host or a range. The first thing we will do is scan for SSH services listening on port 22.
0 kommentar(er)
