{"uuid": "7e3bc70a-c31c-44b4-81af-5d0738454d46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2089", "content": "address of these users so that you can target their box. Link: https://github.com/HunnicCyber/SharpSniper SharpSphere: Description: SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter Link: https://github.com/JamesCooteUK/SharpSphere SharpSpray: Description: SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike. Link: https://github.com/jnqpblc/SharpSpray SharpSQLPwn: Description: C# tool to identify and exploit weaknesses with MSSQL instances in Active Directory environments Link: https://github.com/lefayjey/SharpSQLPwn SharpStay: Description: .NET Persistence Link: https://github.com/0xthirteen/SharpStay SharpSvc: Description: SharpSvc is a simple code set to interact with the SC Manager API using the same DCERPC process as sc.exe, which open with TCP port 135 and is followed by the use of an ephemeral TCP port Link: https://github.com/jnqpblc/SharpSvc SharpTask: Description: SharpTask is a simple code set to interact with the Task Scheduler service API using the same DCERPC process as schtasks.exe, which open with TCP port 135 and is followed by the use of an ephemeral TCP port. Link: https://github.com/jnqpblc/SharpTask SharpUp: Description: SharpUp is a C# port of various PowerUp functionality Link: https://github.com/GhostPack/SharpUp SharpView: Description: .NET port of PowerView Link: https://github.com/tevora-threat/SharpView SharpWebServer: Description: Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes Link: https://github.com/mgeeky/SharpWebServer SharpWifiGrabber: Description: Retrieves in clear-text the Wi-Fi Passwords from all WLAN Profiles saved on a workstation Link: https://github.com/r3nhat/SharpWifiGrabber SharpWMI: Description: SharpWMI is a C# implementation of various WMI functionality. Link: https://github.com/GhostPack/SharpWMI SharpZeroLogon: Description: An exploit for CVE-2020-1472, a.k.a. Zerologon. This tool exploits a cryptographic vulnerability in Netlogon to achieve authentication bypass. Link: https://github.com/nccgroup/nccfsas Shhmon: Description: While Sysmon's driver can be renamed at installation, it is always loaded at altitude 385201. The objective of this tool is to challenge the assumption that our defensive tools are always collecting events. Link: https://github.com/matterpreter/Shhmon Snaffler: Description: Snaffler is a tool for pentesters and red teamers to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment). Link: https://github.com/SnaffCon/Snaffler SqlClient: Description: C# .NET mssql client for accessing database data through beacon. Link: https://github.com/FortyNorthSecurity/SqlClient StandIn: Description: StandIn is a small AD post-compromise toolkit Link: https://github.com/FuzzySecurity/StandIn SweetPotato: Description: A collection of various native Windows privilege escalation techniques from service accounts to SYSTEM Link: https://github.com/CCob/SweetPotato ThreatCheck: Description: Modified version of Matterpreter's DefenderCheck Link: https://github.com/rasta-mouse/ThreatCheck TokenStomp: Description: C# POC for the token privilege removal flaw reported Link: https://github.com/MartinIngesen/TokenStomp TruffleSnout: Description: Iterative AD discovery toolkit for offensive operators Link: https://github.com/dsnezhkov/TruffleSnout Watson: Description: Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities. Link: https://github.com/rasta-mouse/Watson Whisker: Description: Whisker is a C#", "creation_timestamp": "2023-02-17T13:46:41.000000Z"}