Git
/
mgeeky-Penetration-Testing-Tools
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mgeeky-Penetration-Testing-.../windows
History
Mariusz B b0d285951d Readmes fixed. 2018-02-02 22:53:23 +01:00
..
GlobalProtectDisable.cpp First 2018-02-02 22:22:43 +01:00
README.md Readmes fixed. 2018-02-02 22:53:23 +01:00
awareness.bat First 2018-02-02 22:22:43 +01:00
pth-carpet.py First 2018-02-02 22:22:43 +01:00
win-clean-logs.bat First 2018-02-02 22:22:43 +01:00

README.md

Windows penetration testing related scripts, tools and Cheatsheets

  • awareness.bat - Little and quick Windows Situational-Awareness set of commands to execute after gaining initial foothold (coming from APT34: https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html ) (gist)

  • GlobalProtectDisable.cpp - Global Protect VPN Application patcher allowing the Administrator user to disable VPN without Passcode. (gist)

    Steps are following:

    1. Launch the application as an Administrator
    2. Read instructions carefully and press OK
    3. Right-click on GlobalProtect tray-icon
    4. Select "Disable"
    5. Enter some random meaningless password

    After those steps - the GlobalProtect will disable itself cleanly. From now on, the GlobalProtect will remain disabled until you reboot the machine (or restart the PanGPA.exe process or PanGPS service).

  • pth-carpet.py - Pass-The-Hash Carpet Bombing utility - trying every provided hash against every specified machine. (gist)

  • win-clean-logs.bat - Batch script to hide malware execution from Windows box. Source: Mandiant M-Trends 2017. (gist)