CRACKMAPEXEC V4.0 – A swiss army knife for pentesting networks – Penetration Testing

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve it’s functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.

CME makes heavy use of the Impacket library (developed by @asolino) and the PowerSploit Toolkit (developed by @mattifestation) for working with network protocols and performing a variety of post-exploitation techniques.

Although meant to be used primarily for offensive purposes (e.g. red teams), CME can be used by blue teams as well to assess account privileges, find possible misconfigurations and simulate attack scenarios.

CrackMapExec is developed by @byt3bl33d3r

Installation

#~ apt-get install -y libssl-dev libffi-dev python-dev build-essential
#~ git clone http://ift.tt/1TTPVDg
#- cd CrackMapExec && git submodule init && git submodule update –recursive
#~ python setup.py install

Update:
git pull origin master
git submodule init && git submodule update –recursive

Upgrade using pip
pip2 install crackmapexec –upgrade

Tutorial

The post CRACKMAPEXEC V4.0 – A swiss army knife for pentesting networks appeared first on Penetration Testing.

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s