Explore tweets tagged as #NetExec
@mpgn_x64
mpgn
24 days
Wanna see something cool about RDP and NetExec ?
Tweet media one
23
167
917
@mpgn_x64
mpgn
2 months
Based on the research of Akamai, I made a new module on netexec to find every principal that can perform a BadSuccessor attack and the OUs where it holds the required permissions 🔥.
Tweet media one
@YuG0rd
Yuval Gordon
2 months
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability.It allows compromising any user in AD, it works with the default config, and. Microsoft currently won't fix it 🤷‍♂️.Read Here -
Tweet media one
4
120
430
@al3x_n3ff
Alex Neff
9 days
Dumping the NTDS.dit from disk - A new NetExec module💾. Isn't it super annoying when AV blocks your access to the SAM/SYSTEM hives?.The new "ntds_dump_raw" module made by @0xcc00 parses the disk image directly, allowing you to extract the NTDS.dit or SAM database🚀
Tweet media one
13
168
669
@hackinarticles
Hacking Articles
2 months
Tweet media one
Tweet media two
Tweet media three
Tweet media four
6
133
466
@al3x_n3ff
Alex Neff
28 days
How to find the Entra ID sync server - A new NetExec module🔎. Inspired by the great Entra ID talks at #Troopers25, I looked into how to find the Entra ID sync server. Results: The description of the MSOL account, as well as the ADSyncMSA service account reference this server🚀
Tweet media one
10
140
498
@al3x_n3ff
Alex Neff
1 month
Did you know that you can kerberoast without any valid credentials? All you need is an account that is ASREProastable. This allows you to request service tickets for any account with a set SPN🔥. NetExec now has a native implementation of this technique, thanks to Azox
Tweet media one
7
115
473
@_0b1d1
0b1d1
2 months
Active Directory Pentesting with Netexec: The Next-Gen Enum4linux 🚀🏢. Netexec (previously CrackMapExec) is a powerful post-exploitation and enumeration tool used in authorized Active Directory assessments.
Tweet media one
4
75
299
@al3x_n3ff
Alex Neff
2 months
NetExec now has native checks for LDAP signing and channel binding capabilities of the target DC, thanks to the implementation of @_zblurx 🚀. I also fixed querying LDAP with non-ASCII characters, so you can finally query groups such as "Dämonen-Administratoren"🎉
Tweet media one
7
81
364
@0xcc00
Bilal
9 days
My module “ntds_dump_raw” is now out in NetExec🔥.Can’t wait for your feedback.
@al3x_n3ff
Alex Neff
9 days
Dumping the NTDS.dit from disk - A new NetExec module💾. Isn't it super annoying when AV blocks your access to the SAM/SYSTEM hives?.The new "ntds_dump_raw" module made by @0xcc00 parses the disk image directly, allowing you to extract the NTDS.dit or SAM database🚀
Tweet media one
1
0
20
@CyberTask
Cyber Task سايبر تاسك
18 days
كيف تسيطر على #ActiveـDirectory بالكامل!.في هذا اللاب العملي، تخترق شبكة Windows Domain خطوة بخطوة:. - تسميم LLMNR/NBT-NS.- ⁠التقاط وكسر NTLMv2.- ⁠استغلال صلاحيات Account Operators.- ⁠تصعيد إلى Domain Admin.باستخدام أدوات احترافية:. #Responder, #John, #NetExec, #EvilـWinRM
Tweet media one
1
16
160
@al3x_n3ff
Alex Neff
3 months
A new module has been merged into NetExec: change-password🔥. Accounts with STATUS_PASSWORD_EXPIRED aren't a problem anymore, just reset their password. You can also abuse ForceChangePassword to reset another user's password. Made by @kriyosthearcane, @mehmetcanterman and me
Tweet media one
3
118
413
@BriPwn
BriPwn
20 days
🛡️ New on The Weekly Purple Team:. We tunnel traffic into a restricted network using Chisel, then use NetExec to run remote commands over an RDP session — no SMB, no WMI, just native RDP access. ⚡. Learn how attackers move laterally & how to detect it. 🎥.
0
6
53
@sekurlsa_pw
🕳
2 months
BadSuccessor ports: .◾️.NET ◾️Python ◾️PowerShell 🎯 Implemented in these tools: .◾️Netexec: .◾️BloodyAD
1
64
210
@al3x_n3ff
Alex Neff
2 months
What do you do if you have compromised a server administrator? Hunt for domain admins🏹. This is what NetExec's latest module "presence" does. It checks for DAs in:.- C:\Users folder.- Processes.- Scheduled Tasks. All done with native Windows protocols. Made by crosscutsaw and me
Tweet media one
3
109
433
@Defte_
Aurélien Chalot
20 days
Netexec users and Windows lovers here is a small tip I learned experimenting with @scam_work about windows loggedon-users and scheduled task impersonation.
2
43
168
@mpgn_x64
mpgn
1 month
Thank you all for joining the Star Wars NetExec workshop at @_leHACK_ 2025 with @_zblurx & @wil_fri3d 🔥🪐. 50 hackers, 1 room, 2 domains to pwn! 💥. 🥇 @LeandreOnizuka takes the win 🏆.🥈 @wfrnds1 in second place. Full write-up by @LeandreOnizuka 📝👇.
5
34
119
@_zblurx
Thomas Seigneuret
2 years
New feature in #NetExec : S4U2Self and S4U2Proxy support and automation with --delegate and --self. It allows you to abuse KCD with protocol transition and RBCD automatically in NetExec, and use directly all the postex functionalities 🔥. For example with RBCD:
Tweet media one
5
95
321
@hackthebox_eu
Hack The Box
1 month
Let's crack on 🧨.From a passion project to an essential tool, #NetExec has become a go-to resource for many in the cybersecurity space. Join us as we sit down live on YouTube with @mpgn_x64, the mind behind it all, to talk open source, persistence, and the personal journey of
Tweet media one
0
22
122
@DirectoryRanger
DirectoryRanger
12 days
Getting Started with NetExec: Streamlining Network Discovery and Access.
0
6
26