Tooling

Manspider

Very useful tool to crawl shares on the domain and find juicy information.

GitHub - blacklanternsecurity/MANSPIDER: Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!GitHub

Manspider tool

manspider ../smb_hosts.txt \
          --exclude-sharenames 'IPC$' 'ADMIN$' 'PRINT$' \ 
          --sharenames 'C$' \
          --maxdepth 5 \
          --exclude-dirnames 'AppData' 'Downloads' \ 
          --dirnames 'Desktop' 'Users' \
          -f 'passw' 'login' 'credenti' 'creds' 'password' 'credit' \ 
          -e doc txt xls docx xlsx \
          -u 'USER' \
          -p 'REDACTED' | tee /home/aghebert\@gosecure.net/manspider-output.txt

Snaffler

Another tool to crawl Windows shares and find juicy information our user has access too.

This tools needs to be run from a domain-joined Windows system host or a domain user context.

-d: Specify the domain to look within.

-s: print the result on the console.

-v: verbosity (data is specified to only output the result).

.\Snaffler.exe  -d INLANEFREIGHT.LOCAL -s -v data

GitHub - SnaffCon/Snaffler: a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )GitHub

Snaffler

Coercer

Coerce a Windows system to authenticate to our attacker machine. We can also use Responder (ntlmrelayx.py) to relay the authentication.

GitHub - p0dalirius/Coercer: A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.GitHub

Coercer tool