k3mloldeblog

Windows

• CrackMapExec
• Microsoft Azure Active Directory Connect

cmd

powershell

AD

[RECOMMEND TOOL]
FireEye’s Red Team Tools

collect information

https://github.com/tevora-threat/SharpView

SharpHound uses native Windows API functions and LDAP functions to collect data from domain controllers and domain-joined Windows systems

https://github.com/BloodHoundAD/SharpHound
https://github.com/BloodHoundAD/SharpHound3 [new version]

MITM

https://github.com/GhostPack/Seatbelt

https://github.com/Kevin-Robertson/InveighZero

https://github.com/SecureAuthCorp/impacket

Credential Dumping

https://github.com/hoangprod/AndrewSpecial

https://github.com/GhostPack/SafetyKatz

https://github.com/GhostPack/Rubeus

extraction of KeePass 2.x password database information from memory
https://github.com/denandz/KeeFarce

Combination

• https://github.com/cobbr/SharpSploit

Bypass

• https://github.com/med0x2e/GadgetToJScript

reference

• https://attivonetworks.com/defending-against-adversaries-using-fireeyes-stolen-red-team-tools/