IMPACKET
Impacket is a collection of Python classes for working with network protocols. That is how the official GitHub repository describes it; in practice, Impacket is also a collection of tools that are incredibly useful in an offensive operation.
The tools range from something as simple as psexec, which can be used for remote code execution through SMB, to more complicated attacks such as capturing hashes and relay-spraying them across services to exploit a vulnerable service.
The following is the link to the Impacket repository on GitHub:
https://github.com/fortra/impacket
MSSQL-Client
This is an alternate method for accessing the MSSQL server using the OS credentials. If you have OS credentials and the server runs MSSQL, then it's best to spray the credentials to check whether access is available.
The following command can be used to access the MSSQL server,
Secrets-Dump
This tool can be used to dump the username and hash from the SAM and SYSTEM files in Windows,
NTLMRelayx
This tool is one of the most important tools that can be used in a MITM attack. It can receive SMB, HTTP, MSSQL, LDAP, etc. connections, extract the authentication credentials and relay them to another service. Here is an example of relaying received creds to an SMB service,
SMBServer
This tool can be used for hosting an SMB service and printing the received credentials. The credentials can then be cracked using hashcat or john.
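Seen from the target's side, the relay described under NTLMRelayx leaves a network logon whose client-supplied workstation name belongs to one machine while the connection comes from another. The following is an added example, not code from the original page or from the Impacket project, that checks parsed Windows Security 4624 records for that mismatch; the inventory, the helper names and every sample event are constructed assumptions.

```python
# Added example (not from the original page): flag NTLM network logons whose
# claimed workstation name does not match the source IP, a common relay sign.
# Field names follow Windows Security event 4624; all data is constructed.

# Hypothetical asset inventory: hostname -> IPs that host is expected to use.
INVENTORY = {
    "WS-ALICE": {"10.0.5.21"},
    "WS-BOB": {"10.0.5.22"},
}

def _ev(user, pkg, host, ip):
    """Build a constructed 4624 record (subset of fields)."""
    return {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": pkg,
            "TargetUserName": user, "WorkstationName": host, "IpAddress": ip}

SAMPLE_EVENTS = [
    _ev("alice", "NTLM", "WS-ALICE", "10.0.5.21"),   # name and IP agree
    _ev("bob", "NTLM", "WS-BOB", "10.0.5.99"),       # WS-BOB's name, other IP
    _ev("carol", "Kerberos", "-", "10.0.5.99"),      # not NTLM, out of scope
    _ev("dave", "NTLM", "LAPTOP-X", "10.0.5.40"),    # host not in inventory
]

def classify(event, inventory=INVENTORY):
    """Return 'ok', 'mismatch', 'unknown_host', or None if out of scope."""
    if event.get("EventID") != 4624 or event.get("LogonType") != 3:
        return None
    if str(event.get("AuthenticationPackageName", "")).upper() != "NTLM":
        return None
    host = str(event.get("WorkstationName", "")).strip().upper()
    ip = str(event.get("IpAddress", "")).strip()
    expected = inventory.get(host)
    if expected is None or ip in ("", "-"):
        return "unknown_host"
    return "ok" if ip in expected else "mismatch"

def find_suspect_logons(events, inventory=INVENTORY):
    """Return (user, workstation, ip, verdict) for logons worth reviewing."""
    hits = []
    for ev in events:
        verdict = classify(ev, inventory)
        if verdict in ("mismatch", "unknown_host"):
            hits.append((ev["TargetUserName"], ev["WorkstationName"],
                         ev["IpAddress"], verdict))
    return hits

if __name__ == "__main__":
    for hit in find_suspect_logons(SAMPLE_EVENTS):
        print(hit)
```

A hit is a lead to review rather than proof of a relay, since DHCP churn and VPN address pools also produce mismatches; requiring SMB signing on the target is the control that stops the relay itself.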