PsMapExec
evil-winrm
PsMapExec | evil-winrm | |
---|---|---|
1 | 4 | |
675 | 4,191 | |
- | 2.0% | |
9.2 | 0.0 | |
12 days ago | 7 days ago | |
PowerShell | Ruby | |
BSD 2-clause "Simplified" License | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PsMapExec
evil-winrm
-
HackTheBox - Writeup Authority [Retired]
┌──(root㉿kali)-[/home/kali/hackthebox/machines-windows/authority] └─# evil-winrm -i authority.htb -u svc_ldap -p 'lDaP_1n_th3_cle4r!' Evil-WinRM shell v3.4 Warning: Remote path completions is disabled due to ruby limitation: quoting_detection_proc() function is unimplemented on this machine Data: For more information, check Evil-WinRM Github: https://github.com/Hackplayers/evil-winrm#Remote-path-completion Info: Establishing connection to remote endpoint *Evil-WinRM* PS C:\Users\svc_ldap\Documents>
- Release v3.5 · Evil WinRM - This program can be used on any Microsoft Windows Servers with this feature enabled (usually at port 5985), of course only if you have credentials and permissions to use it.
-
Active Directory in CTFs
Evil-WinRM exploits WinRM, a protocol used by system administrators on Windows servers.
- GitHub - Hackplayers/evil-winrm: The ultimate WinRM shell for hacking/pentesting
What are some alternatives?
PowerHub - A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
rport - remote access and remote management
Crowbar - A windows post exploitation tool that contains a lot of features for information gathering and more.
DevChecker - Access remote Windows devices for common IT admin tasks and information
PowerShell-Red-Team - Collection of PowerShell functions a Red Teamer may use in an engagement
LAZYPARIAH - A tool for generating reverse shell payloads on the fly.
A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
heimdal - Heimdal
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
WhatWeb - Next generation web scanner
hacker-roadmap - A collection of hacking tools, resources and references to practice ethical hacking.
ruby-pwsh - A ruby gem for interacting with PowerShell