Search the Community

MSSQLi-DUET - SQL Injection Script For MSSQL That Extracts Domain Users From An Active Directory Environment Based On RID Bruteforcing SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing. Supports various forms of WAF bypass techniques through the implementation of SQLmap tamper functions. Additional tamper functions can be incorporated by the user depending on the situation and environment. Comes in two flavors: straight-up Python script for terminal use, or a Burp Suite plugin for simple GUI navigation. Currently only supports union-based injection at the moment. More samples and test cases are required to fully test tool's functionality and accuracy. Feedback and comments are greatly welcomed if you encounter a situation it does not work. Custom tailoring the script and plugin to your needs should not be too difficult as well. Be sure to read the Notes section for some troubleshooting. Burp Suite Plugin After loading the plugin into Burp Suite, right-click on a request and send it to MSSQLi-DUET. More details on the parameters and such are described below. The request will populate in the request window, and only the fields above it need to be filled out. After hitting run the output will be placed in the results output box for easy copy pasting. [HIDE][Hidden Content]]

deREferencing deReferencing is an IDA Pro plugin that implements new registers and stack views. Adds dereferenced pointers, colors and other useful information, similar to some GDB plugins (e.g: PEDA, GEF, pwndbg, etc). Supports following architectures: x86, x86-64, ARM, ARM64, MIPS32 and MIPS64 [Hidden Content]