Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

Filip Dragovic

Last update: Jul 24, 2022

Related tags

Security related resources VSSTrigger

Overview

VSSTrigger

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

Credits: @topotam (https://fr.slideshare.net/LionelTopotam/petit-potam-slidesrtfmossir)

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本，扫描主机上所有java进程，检测是否引入了有漏洞的log4j-core jar包，是否可能遭到远程代码执行攻击（CVE-2021-45046）。上传扫描报告到指定的服

86 Dec 9, 2022

This script allows you to make a onion host instantly.

Installation It only works in Debian based Linux distros. Clone the repo: git clone https://github.com/0xStevenson/Auto-Tor-Host.git Go to the direct

4 Feb 22, 2022

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager) This script allows to check and exploit missing authentication checks in

82 Nov 9, 2022

LinOTP - the open source solution for two factor authentication

462 Jan 2, 2023

:closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)

privacyIDEA privacyIDEA is an open solution for strong two-factor authentication like OTP tokens, SMS, smartphones or SSH keys. Using privacyIDEA you

1.3k Jan 3, 2023

LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r

315 Dec 18, 2022

Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Home Assistant LDAP Auth Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container. Usage Deploy NGINX's l

1 Sep 21, 2022

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

37 Dec 6, 2022

Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows

10 Jul 28, 2022

Owner

Filip Dragovic

OSCP,OSEP,CRTP,CRTE,PACES

GitHub

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

1 Nov 25, 2021

Windows Virus who destroy some impotants files on C:\windows\system32\

psychic-robot Windows Virus who destroy some importants files on C:\windows\system32\ Signatures of psychic-robot.PY (python file) : Bkav Pro : ASP.We

1 Jan 6, 2022

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

22.1k Jan 2, 2023

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.

4 Dec 21, 2021

Python library to remotely extract credentials on a set of hosts.

1.5k Dec 31, 2022

LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.

Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"

40 Dec 21, 2022

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

Related tags

Overview

VSSTrigger

You might also like...

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

This script allows you to make a onion host instantly.

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

LinOTP - the open source solution for two factor authentication

:closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)

LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

Owner

Filip Dragovic

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

Windows Virus who destroy some impotants files on C:\windows\system32\

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

Python library to remotely extract credentials on a set of hosts.

LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.

Proof of concept to check if hosts are vulnerable to CVE-2021-41773

A simple automatic tool for finding vulnerable log4j hosts

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

TLaunch: Launch Programs on Multiple Hosts