# Invoke-Pentest

PowerShell script to execute common internal penetration testing techniques in an Active Directory environment.

## Usage

### List Tests

```powershell
Invoke-Pentest -List
```

### Run All Tests

```powershell
Invoke-Pentest -TestID All
```

### Run Collection Tests

```powershell
Invoke-Pentest -TestID Collection
```

### Run Domain Password Spray

```powershell
Invoke-Pentest -TestID T1110 -Password 'Welcome1234'
```

### Clean Up Data Files from Tests

```powershell
Invoke-Cleanup
```

## Tests

- `All` - Run all tests
- `Collection` - Run the collection tests (T1081, T1086, T1208)
- `T1081` - Searches the domain SYSVOL share for any Group Policy Preferences passwords and decrypts them
- `T1086` - Executes BloodHound using the collection methods "All" and "Loggedon"
- `T1110` - Executes password spraying against all active domain accounts; the default password is "Welcome2020!" (override it with `-Password`)
- `T1208` - Executes the Kerberoasting technique against all available SPNs

## ToDo

- Add more tests
- Clean up ugly code
- Add comments
- Add minor evasion techniques
- Add different execution methods for each test
- Integrate lateral movement based on findings
- Attempt simple hash cracking