The 10 most beneficial tools (open source/free) that I have used for pentesting: (Not necessarily in order of most value becuse that’s highly dependent upon the engagement) ADeleg/ADeleginator (mine) ScriptSentry (mine) PingCastle Locksmith PowerView PowerSharpPack (suite of tools) Privesccheck ADExplorer NetTools RMMs This is all off the cuff. These are the first 10 that come to mind. I’m sure I’m forgetting some. P.s. I think this says a lot about my method of pentesting as well.

PostDump by @YOLOP0wn is now also added to PowerSharpPack 🔥

Just updated Rubeus, Seatbelt, Certify, Invoke-Privesccheck in PowersharpPack and WinPwn. It was time again. Also WinPwn now uses the C# Inveigh version with way more features enabled.👌

PowerSharpPack Many useful offensive CSharp Projects wraped into Powershell for easy usage. github.com/S3cur3Th1sSh1t/Po… #infosec #pentesting #redteam

"PowerSharpPack" #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

Do you use #PowerSharpPack for your pentests? Join our con @MCTTP_Con in Munich and meet @ShitSecure the author of this awesome toolset & one of our awesome speakers 😎 mcttp.de/?utm_medium=FH #infosec #pentest #mcttp23

"PowerSharpPack " #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

For example, with powershell exectuion feature you can use @ShitSecure PowerSharpPack toolkit without touching disk. AMSI will still catch you if you do that but that's not my problem, he probably has cool stuff on Patreon which will not get you in immediate trouble with EDR ;)

"PowerSharpPack" #redteam #infosec #pentest github.com/S3cur3Th1sSh1t/Po…

"PowerSharpPack" #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

Saved this Tweet to your Notion database. Tags: [Powersharppack]

"PowerSharpPack" #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

"PowerSharpPack" #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

"PowerSharpPack" #infosec #pentest #redteam github.com/S3cur3Th1sSh1t/Po…

Updated Seatbelt and added KrbRelay (@cube0x0),KrbRelayUp(@dec0ne), SharpImpersonation (mine) && @Nettitude_Labs WSUS/SCCM abuse tools (SharpWSUS/MalSCCM) in PowerSharpPack: github.com/S3cur3Th1sSh1t/Po…

Jenkins and PowerSharpPack Half-Automation blog.sunggwanchoi.com/half-a…

Just added SharpHoundv4, @KlezVirus's SharpLdapRelayScan and @cube0x0's LdapSignCheck into PowerSharpPack. 👌 The SharpHound update is now also integrated into WinPwn both tools for LDAP enumeration. Also updated the offline version with all last changes.

New blog post: blog.sunggwanchoi.com/half-a… Blogged about using Jenkins to half-automate @ShitSecure 's PowerSharpPack payloads. PoC github repo: github.com/ChoiSG/jenkins-ps…

@ShitSecure could be useful to automate powersharppack faster :P could probably automate it further by manually changing methods to public but..

In addition NanoDump is now integrated into PowerSharpPack & WinPwn, Credit to @s4ntiago_p for the tool and hints for memory loading! Easy peasy LSASS dumping from memory. 🔥 Source code for the Assembly instructions in the comments can be found here (1/2):