| Tool | Description |
|---|---|
| Certify | Active Directory certificate abuse. |
| Get-ServiceACL | Retrieve the access control list (ACL) for a service running on a host. |
| MailSniper | Toolset for performing analysis and attacks on mail services. |
| Powecat | Netcat-like written in PowerShell. |
| PowerLurk | Toolset for building malicious WMI event subscriptions. |
| PowerSharpPack | Useful offensive C# projects wraped into Powershell for easy usage. |
| PowerSploit | PowerShell post-exploitation framework. |
| Rubeus | Toolset for raw Kerberos interaction and abuses. |
| Seatbelt | Security oriented host-survey "safety checks". |
| SharPersist | Toolkit for Windows persistence. |
| SharpUp | PowerUp-like tool written in C#. |
| Type | Proto | ID | Description |
|---|---|---|---|
| π | SSH | ssh-workflow | SSH workflow. |
| π | SSH | ssh-detect | Software detection via Banner Grabbing. |
| π | SSH | ssh-auth-password | Password-based authentication enabled. |
| π | SSH | ssh-weak-kex | Weak key exchange algorithms offered. |
| π | SSH | ssh-weak-mac | Weak message authentication code algorithms offered. |
| π | SSH | cve-2023-48795 | Terrapin Attack. |