在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:GoFetchAD/GoFetch开源软件地址:https://github.com/GoFetchAD/GoFetch开源编程语言:PowerShell 100.0%开源软件介绍:GoFetchGoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application. GoFetch first loads a path of local admin users and computers generated by BloodHound and converts it to its own attack plan format. Once the attack plan is ready, GoFetch advances towards the destination according to plan step by step, by successively applying remote code execution techniques and compromising credentials with Mimikatz. Watch Invoke-GoFetch in action GoFetch has two different versions:Chain reaction:Invoke-GoFetch (written in PowerShell to avoid Python installation prereq), implements a recursion that reads the full path, dumps the relevant credentials with Invoke-Mimikatz, and then copy and execute itself using Invoke-PsExec on the next relevant machine guided by the network path. One computer to rule them all:Python based code (a video of this version demonstrated at BlackHat Europe 2016), using a technique where one centralized computer is doing the job of connecting to each computer in the path, in the right order, to steal credentials (using Mimikatz), and use them to connect to the next machine in the path. Getting started with Invoke-GoFetchPlace GoFetch folder on the first machine of the attack path, in a session of the first user. Parameters
Examples
Prerequisites
LogicContributers
See also the list of contributors who participated in this project. AcknowledgmentsThanks for great tools that reminds us every day to secure our machines.
LicenseThis project is licensed under the MIT License - see the LICENSE.md file for details |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论