PRINT
PRINT
SEND MAIL
SEND MAIL

CSIRT-Collect – PowerShell Script To Collect Memory And (Triage) Disk Forensics

A PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence t...

Continue reading

CredPhish – A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS

CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender's ConfigSecurityPolicy.exe to perform...

Continue reading

TokenTactics – Azure JWT Token Manipulation Toolset

Azure JSON Web Token ("JWT") Manipulation Toolset Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user's access token, it ma...

Continue reading

Injector – Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

Complete Arsenal of Memory injection and other techniques for red-teaming in WindowsWhat does Injector do? Process injection support for shellcode located at remote server as well as local storage. Just specify the shellcode file and it will do th...

Continue reading

SharpHook – Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials

SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject...

Continue reading

TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool.Ho...

Continue reading

©2021 By Cyber Sec Labs

   

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account