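Metasploit modules by service and port (module paths vary between framework versions; confirm each with `search` in msfconsole)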
# DNS (Port 53)
- auxiliary/gather/enum_dns # Enumerate DNS information
- auxiliary/scanner/dns/dns_amp # Check whether a DNS server can be abused for amplification (a scanner, not an attack tool)
- auxiliary/scanner/dns/dns_cache_scraper # Scrape DNS cache
# Kerberos (Port 88)
- auxiliary/gather/kerberos_enumusers # Enumerate users via Kerberos
- auxiliary/gather/kerberos_enum_tgs # Enumerate Kerberos TGS tickets
- auxiliary/scanner/kerberos/kerberos_as_req # Kerberos AS-REQ scanner (AS-REP Roasting)
- auxiliary/scanner/kerberos/kerberos_ticket_granting_service # Enumerate SPNs for Kerberoasting
# MS-RPC (Port 135)
- exploit/windows/dcerpc/ms03_026_dcom # Exploit MS-RPC DCOM vulnerability
- exploit/windows/dcerpc/ms17_010_eternalblue # Exploit MS17-010 EternalBlue (an SMBv1 flaw reached over port 445, so it belongs under SMB rather than MS-RPC)
# NetBIOS (Port 137-139)
- auxiliary/scanner/netbios/nbname # NetBIOS name service scanner
- auxiliary/scanner/smb/smb_version # SMB version scanner
- auxiliary/scanner/smb/smb_login # Brute-force SMB login
- exploit/windows/smb/smb_relay # SMB relay attack
# LDAP (Port 389)
- auxiliary/gather/ldap_enum # LDAP enumeration
- auxiliary/gather/ldap_hashdump # Dump hashes from LDAP
- auxiliary/admin/ldap/ldap_add_user # Add user to LDAP server
- exploit/windows/ldap/ldap_pass_the_hash # Pass-the-Hash for LDAP
# SMB (Port 445)
- auxiliary/scanner/smb/smb_enumshares # Enumerate SMB shares
- auxiliary/scanner/smb/smb_enumusers # Enumerate SMB users
- auxiliary/scanner/smb/smb_login # SMB login brute-force
- exploit/windows/smb/ms17_010_psexec # Exploit MS17-010 via EternalRomance/EternalSynergy/EternalChampion (psexec shell)
- exploit/windows/smb/ms08_067_netapi # Exploit SMB MS08-067 vulnerability
- auxiliary/scanner/smb/smb_ms17_010 # Scan for MS17-010 vulnerability
# LDAPS (Port 636)
- auxiliary/scanner/ldap/ldap_search # LDAP search over SSL
- auxiliary/gather/ldap_query # Perform LDAP queries
# Global Catalog (Port 3268-3269)
- auxiliary/scanner/ldap/ldap_rootdse # LDAP RootDSE information gathering
# RDP (Port 3389)
- auxiliary/scanner/rdp/rdp_scanner # Basic RDP scanner
- auxiliary/scanner/rdp/rdp_enumcredssp # Enumerate RDP CredSSP
- auxiliary/scanner/rdp/cve_2019_0708_bluekeep # Scan for BlueKeep vulnerability (CVE-2019-0708)
- auxiliary/scanner/rdp/rdp_login # Brute-force RDP logins
- exploit/windows/rdp/cve_2019_0708_bluekeep_rce # Exploit BlueKeep (CVE-2019-0708)
# Windows Privilege Escalation
- exploit/windows/local/bypassuac # Bypass UAC on Windows systems
- exploit/windows/local/ask # Request elevation through a UAC consent prompt that the user must approve (not the AlwaysInstallElevated policy)
- exploit/windows/local/ms10_092_schelevator # Exploit Task Scheduler Vulnerability (MS10-092)
- exploit/windows/local/ms16_032_secondary_logon_handle_privesc # Escalate via Secondary Logon Handle (MS16-032)
- exploit/windows/local/ms14_058_track_popup_menu # Kernel mode vulnerability exploit (MS14-058)
- exploit/windows/local/cve_2020_0787_bits # Windows BITS Elevation of Privilege (CVE-2020-0787)
- exploit/windows/local/cve_2021_1675_printnightmare # Windows Print Spooler Exploit (PrintNightmare CVE-2021-1675)
- exploit/windows/local/ms15_051_client_copy_image # Exploit Client Copy Image Vulnerability (MS15-051)
# Generic Privilege Escalation Techniques
- post/multi/recon/local_exploit_suggester # Suggest potential local exploits for privilege escalation
- exploit/multi/local/ntfs_priv_esc # Escalate privileges by abusing NTFS vulnerability
- exploit/windows/local/cve_2021_1732_win32k # Exploit Windows Win32k Privilege Escalation (CVE-2021-1732)