Category: RDP

Distributed, Firework, NEW TOOLS, NTLM, Penetration Test, RDP, Red Team, Social Engineering, TLS

Firework – Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof-of-concept tool that interacts with Microsoft Workplaces by creating the valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it. This tool may be used as part of a penetration test or red team exercise to create a .wcx payload (and associated feed) that, if clicked on, could be used to: Phish for credentials - NetNTLM hashes will be sent…

Blue Team, Forensic Analysis, Forensics Investigations, Infrastructure Monitoring, NEW TOOLS, RDP, Red Team, Remote Desktop Caching

Remote Desktop Caching – Tool To Recover Old RDP (mstsc) Session Information In The Form Of Broken PNG Files

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract juicy information such as LAPS passwords or any other sensitive information shown on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host, to collect evidence and perform further analysis.

Screenshots

On the first run…

Dll Hijacking, Featured, Industrial threats, Internet Banking, RAT Trojan, RDP, Security Feeds, Social Engineering, Spyware, Targeted Attacks

Attacks on industrial enterprises using RMS and TeamViewer

Main facts

Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and are sent mainly to industrial companies located in Russia. The content of each email reflects the activity of the organization under attack and the type of work performed by the employee to whom the email is sent. According to the data…

Calculator, DNSlookup, ICMP, Ip Scanner, Network Interface, NETworkManager, NEW TOOLS, Ping, Port Scanner, RDP, Subnet, Tool, Traceroute, Tracert, Wakeonlan

NETworkManager – A Powerful Tool For Managing Networks And Troubleshoot Network Problems

A powerful tool for managing networks and troubleshoot network problems!

Features: Network Interface - Information, Configure; IP-Scanner; Port-Scanner; Ping; Traceroute; DNS Lookup; Remote Desktop; PuTTY; SNMP - Get, Walk, Set (v1, v2c, v3); Wake on LAN; HTTP Headers; Subnet Calculator - Calculator, Subnetting, Supernetting; Lookup - OUI, Port; Connections; Listeners; ARP Table

Languages: English, German, Russian

System requirements: Windows 7 or later; .NET-Framework 4.6; RDP 8.1 (How to install RDP 8.1 on Windows 7/Server 2008 R2?)

ADEL, ARP, AWS, Beeswarm, Breadcrumbs, golang, Honeybits, HoneyToken, Honeytrap, MySQL, NEW TOOLS, Nmap, Pcap, RDP, Registry

Honeybits – A Simple Tool Designed To Enhance The Effectiveness Of Your Traps By Spreading Breadcrumbs & Honeytokens Across Your Systems

A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your production servers and workstations to lure the attacker toward your honeypots.

Author: Adel "0x4D31" Karimi.

Background

The problem with the traditional implementation of honeypots in production environments is that the bad guys can ONLY discover the honeypots by network scanning which is noisy! The only exception I can think of is Beeswarm (it intentionally leaks credentials in the network traffic and then looks for the unexpected reuse of these…