      itsMe

      evil-winrm v3.3 - Windows Remote Management shell for pentesting


      Evil-WinRM

      This shell is the ultimate WinRM shell for hacking/pentesting.

      WinRM (Windows Remote Management) is the Microsoft implementation of the WS-Management Protocol, a standard SOAP-based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their operating systems in order to make life easier for system administrators.

      This program can be used on any Microsoft Windows Server with this feature enabled (usually on port 5985), of course only if you have credentials and permissions to use it. So we can say that it could be used in a post-exploitation hacking/pentesting phase. The purpose of this program is to provide nice and easy-to-use features for hacking. It can be used for legitimate purposes by system administrators as well, but most of its features are focused on hacking/pentesting stuff.

      Features

          Command History
          WinRM command completion
          Local files completion
          Upload and download files
          List remote machine services
          FullLanguage PowerShell language mode
          Load PowerShell scripts
          Load in memory dll files bypassing some AVs
          Load in memory C# (C Sharp) compiled exe files bypassing some AVs
          Colorization on output messages (can be disabled optionally)

      Changelog v3.3

          Fixed missing output messages for Invoke-Binary
          Extracted AMSI bypass from the menu to avoid menu problems due to M$ AV signatures
          Dynamic AMSI bypass implemented to avoid AV signatures

