[Feat] CredPhish - Githubissues

avinashkranjan / Pentesting-and-Hacking-Scripts

🚀 A curated collection of Pentesting and Hacking Scripts for Script Kiddie to Advanced Pentesters. 👨‍💻

Creative Commons Zero v1.0 Universal

181 stars 131 forks source link

[Feat] CredPhish #486

Closed shraddha761 closed 10 months ago

shraddha761 commented 11 months ago

AIM

CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords.

Features

It relies on [CredentialPicker] to collect user passwords, [Resolve-DnsName] for DNS exfiltration, and Windows Defender's [ConfigSecurityPolicy.exe] to perform arbitrary GET requests.

Checklist

[X] I have checked the existing issues
[X] I have read the Contributing Guidelines
[X] I am willing to work on this issue (optional)
[X] I am a GSSoC'23 contributor

shraddha761 commented 11 months ago

/assign