GTFONow
PowerHub
Our great sponsors
GTFONow | PowerHub | |
---|---|---|
1 | 1 | |
491 | 693 | |
- | - | |
6.4 | 6.0 | |
10 days ago | 15 days ago | |
Python | PowerShell | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GTFONow
-
Traitor: Linux privilege escalation made easy
How do you plan to use this universally across compromised systems, if they don't have Go to compile this?
A better solution might be https://github.com/Frissi0n/GTFONow which is written in python without dependencies and supports Py2/3. I would expect this to work on more hosts.
PowerHub
-
Dumping LSASS without Mimikatz with MiniDumpWriteDump == Reducing Chances of Getting Flagged
It doesn't, it just recognizes -bxor. You can use a combination of -bnot and -band instead. I do this in my pet project, which still successfully uses basic AMSI bypasses: https://github.com/AdrianVollmer/PowerHub
What are some alternatives?
Wfetch - Neofetch/pfetch, but for weather
PsMapExec - A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
fsociety - fsociety Hacking Tools Pack – A Penetration Testing Framework
pwncat - Fancy reverse and bind shell handler
pywerview - A (partial) Python rewriting of PowerSploit's PowerView
SUID3NUM - A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
teleRAT - Telegram RAT written in Python
svachal - Automate writeup for vulnerable machines.
BlackMamba - C2/post-exploitation framework
traitor - :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
tunic - Install Linux from a running Windows system, without need for a live USB.