Using MSSQL NTLM Stealer to Get Highly Privileged Domain Creds

Going from a normal domain user to a highly privileged MSSQL Service Account can sometimes be pretty easy with the following Metasploit module: auxiliary/admin/mssql/mssql_ntlm_stealer I have been using this method of escalation when various other methods fail, but also MSSQL databases can often be where the clients personally identifiable information (PII) is held and shows… Continue reading Using MSSQL NTLM Stealer to Get Highly Privileged Domain Creds

Loading A Weaponised Interactive PowerShell Session With Metasploit

A colleague @davehardy20 and I came up with this from an idea I had, it gives an Interactive PowerShell session from Metasploit, using newly developed Metasploit payloads. Check out the blog post here for more information – https://www.nettitude.co.uk/interactive-powershell-session-via-metasploit Enjoy

Python Share Enumerator

Hey, I’ve been working with a few large clients and needed to search a lot of network shares with a standard user account to see if the shares looked dangerous or overly permissive for the user, e.g. an Admin share has full everyone permissions and the user can capture sensitive data. To do this I’ve… Continue reading Python Share Enumerator

Simple Nmap Parser

Hey, Needed to parse an Nmap scan really simply and couldn’t find anything useful so I created a simple c# application to do it. Thought others might find it useful, here’s a screenshot of the beast at work. NmapParser  

Nessus Parser in Python

I have been making a few programs in c# for parsing nessus and while these have been really good I wanted to expand my knowledge and create a python parser so that I can edit and change it on the fly while pentesting to get any specific information that I need or require. For example,… Continue reading Nessus Parser in Python