linWinPwn
by lefayjey
linWinPwn is a versatile bash script designed to streamline various Active Directory penetration testing tools for Linux users.
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
Primary Use Case
This tool is primarily used by penetration testers and red teamers to efficiently enumerate and exploit vulnerabilities in Active Directory environments. It simplifies the process of using multiple tools by providing an interactive and automated interface for various checks and exploits.
- Wraps multiple Active Directory tools for enumeration and exploitation
- Supports both interactive and automated modes of operation
- Performs vulnerability checks for common exploits like ZeroLogon and MS17-010
- Facilitates password dumping and object modifications
- Integrates with tools like BloodHound, Impacket, and Kerbrute
Installation
- git clone https://github.com/lefayjey/linWinPwn
- cd linWinPwn
- chmod +x install.sh
- ./install.sh
Usage
>_ linWinPwn -t <Domain_Controller_IP>Runs the script in interactive mode to perform various checks.
>_ linWinPwn -t <Domain_Controller_IP> --autoExecutes the script in automated mode for enumeration without exploitation.
- Repurposing: While primarily a penetration testing tool, linWinPwn can be used for internal security audits to assess Active Directory configurations and identify potential misconfigurations or vulnerabilities that could be exploited by an insider threat.
- Chaining: Combine linWinPwn with a tool like Metasploit for post-exploitation activities. Use linWinPwn to identify vulnerabilities and Metasploit to exploit them, creating a comprehensive attack simulation.
- Evasion/Detection: Attackers might bypass linWinPwn detection by using custom scripts that mimic its functionality without triggering known signatures. To detect such attempts, monitor for unusual network traffic patterns and unauthorized access to AD resources.
- Data Fusion: Integrate linWinPwn output with SIEM solutions to correlate detected vulnerabilities with real-time threat intelligence feeds, enhancing the ability to prioritize and respond to threats based on current threat landscapes.
- Automation: Develop an automated workflow in a SOC environment where linWinPwn runs scheduled scans of the AD environment, and its findings are automatically fed into a ticketing system for immediate review and remediation by security analysts.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about linWinPwn. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
Awesome-Hacking
Hack-with-Github/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
hackingtool
Z4nzu/hackingtool
ALL IN ONE Hacking Tool For Hackers
mitmproxy
mitmproxy/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
sqlmap
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
metasploit-framework
rapid7/metasploit-framework
Metasploit Framework
h4cker
The-Art-of-Hacking/h4cker
This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org