Search the Community

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long-forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool In a lot of engagements, I see (in BloodHound) that the group “Everyone” / “Authenticated Users” / “Domain Users” or some other wide group, which contains almost all the users in the domain, has some GenericWrite/GenericAll DACLs over other objects in the domain. [hide][Hidden Content]]

What is Shadow Defender ? Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activities and unwanted changes. Shadow Defender can run your system in a virtual environment called 'Shadow Mode'. 'Shadow Mode' redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activities and/or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened. With Shadow Defender, you have the flexibility to specify which files and folders are permanently saved to the real environment. This ensures important files and folders are kept after a reboot. If you want to make a maintenance-free computer, Shadow Defender will be your best choice. Shadow Defender Features 1. Prevent all viruses and malwares. 2. Surf the internet safely and eliminate unwanted traces. 3. Protect your privacy. 4. Eliminate system downtime and maintenance costs. 5. Reboot to restore your system back to its original state. Shadow Defender Users 1. Maintain a system free from malicious activities and unwanted changes. 2. Test software and game installations in a safe environment. 3. Protect against unwanted changes by shared users (suitable for workplaces and educational institutions). [Hidden Content] [hide][Hidden Content]]

WebKit suffers from a user-agent shadow root leak in WebCore::ReplacementFragment::ReplacementFragment. View the full article

[Hidden Content]

Zydra is a file password recovery tool and Linux shadow file cracker. It uses the dictionary search or Brute force method for cracking passwords. Supported Files RAR Files Legacy ZIP Files PDF Files Linux Shadow Files (zydra can find all the user’s password in the linux shadow file one after the other) [HIDE][Hidden Content]]

AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim's desktop without his consent, and even control it on request. For its correct operation, it is necessary to comply with the requirements described in the user guide. Requirements Powershell 4.0 or higher Changes Version 4.8 • Compatibility with Powershell 4.0 • Automatic copy of the content to the clipboard (passwords, hashes, dumps, etc.) • Automatic exclusion in Windows Defender (4 different methods) • Remote execution without password for PSexec, WMI and Invoke-Command • New available attack: DCOM Passwordless Execution • New available module: Remote Access / Metasploit Web Delivery • New module available: Remote VNC Server (designed for legacy environments) • Autocomplete the host, user and password fields by pressing Enter • It is now possible to run the tool without administrator privileges with the -noadmin parameter *The rest of the changes can be consulted in the CHANGELOG file Use This application can be used locally, remotely or to pivot between computers. Thanks to the additional modules, it is possible to dump hashes and passwords, obtain a remote shell, upload and download files or even recover the history of RDP connections or passwords of wireless networks. One line execution: powershell -ep bypass "cd $env:temp ; iwr [Hidden Content] -outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1" The detailed guide of use can be found at the following link: [Hidden Content] [HIDE][Hidden Content]]

AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim's desktop without his consent, and even control it on request. For its correct operation, it is necessary to comply with the requirements described in the user guide. Requirements Powershell 5.0 or higher Changes Version 4.5 • New ninja style icon! • Automatic cleaning of Powershell history after execution • Now all dependencies are downloaded from the same repository • Many errors and bugs fixed • UAC & AMSI bypass in 64-bit systems • New module available: Remote Desktop Forensics • New module available: Disable system logs (Invoke-Phant0m) • New module available: Sticky Keys Hacking • New available module: Local Port Forwarding • New available module: Powershell Web Server • New available attack: Session Hijacking (passwordless) WARNING! This attack is very intrusive and can only be used locally *The rest of the changes can be consulted in the CHANGELOG file Use This application can be used locally, remotely or to pivot between computers. Thanks to the additional modules, it is possible to dump hashes and passwords or even recover the history of RDP connections. One line execution: powershell -ep bypass "cd $env:temp ; iwr [Hidden Content] -outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1" The detailed guide of use can be found at the following link: [HIDE][Hidden Content]] Screenshots Download: [HIDE][Hidden Content]]