Black Hills webcast on penetration utilities 2018

Black Hills Information Security (BHIS) just did a webcast on the top utilities they used during the penetration testing this year. Here’s a rundown of all the tools they discussed. Recording of the web cast can be found here:

* ADExplorer – Microsoft utility that is digitally signed by Microsoft and written by SysInternals. Has the ability to run over the web.
* PowerOPS – Go directly to C# bypassing PowerShell and includes Mimikatz, DLLInjection, etc.
* Powerline – Utilizes System.Management.Automantion.dll to call into PowerShell within C#. Allows you invoke PowerShell scripts through the DLL.
* CredKing – Password spray using the cloud to come from random IPs of another cloud provider. Useful for attacking O365.
* MailSniper – Email collection program that has the ability to do keyword searches. Written by BHIS.
* Evilginx – Awesome phishing site cloning utility.
* Domain Hunter – This Python based tool was written to quickly query the search engine for expired/available domains with a previous history of use.
* Domain Gain – Helps with finding and registering categorized domains so that you can assume the categorization of the domain. This is very useful for bypassing web-proxy filters and evading other network detections.
* OSfuscate – Modifies your TCP/IP stack to emulate another device.