started work on writing the tool, its not quite ready yet, but we're

getting close.
2025-11-14 16:53:06 -06:00
parent 47d6ed5556
commit 1a72bcee98
30 changed files with 2248 additions and 0 deletions
--- a/default_notes_templates/internal/attacks.md
+++ b/default_notes_templates/internal/attacks.md
@@ -0,0 +1,94 @@
+Got Persistence via (schtasks, bat schtasks, startup folder)
+(screenshot)
+
+---
+
+(link important info in initialenum.md here)
+
+---
+
+# powerup.ps1/sharpup.exe notes.
+
+(screenshot)
+
+---
+
+# kerberoast notes
+
+- [ ] worked via rubeus
+- [ ] worked via encrypted rubeus
+- [ ] worked via netexec
+
+
+(screenshot)
+
+---
+
+# password spray notes
+
+worked via (exeasm nefariousspray | inline nefarious spray | powershell tool | other tool)
+
+- [ ] useraspass
+- [ ] Seasonyear!
+- [ ] Service123!
+- [ ] admin
+- [ ] Admin
+- [ ] Admin123!
+- [ ] admin123
+- [ ] admin1
+- [ ] 1234567
+- [ ] Seasonyear
+- [ ] seasonyear!
+- [ ] seasonyear
+- [ ] COMPANYYEAR!
+- [ ] COMPANYYEAR
+- [ ] November2024!
+- [ ] September2024!
+- [ ] October2024!
+- [ ] COMPANYfoundingyear!
+- [ ] COMPANYfoundingyear
+- [ ] COMPANYstreetnumber!
+- [ ] COMPANYstreetnumber
+- [ ] Password
+- [ ] P@ssw0rd
+- [ ] Password1!
+- [ ] Password123!
+- [ ] Passwordyear!
+- [ ] P@55w0rd
+- [ ] Service
+- [ ] Service!
+- [ ] Serviceyear!
+
+---
+
+# bloodhound notes
+
+- [ ] worked via exeasm sharphound
+- [ ] worked via inline sharphound
+- [ ] worked via encrypted sharphound
+- [ ] worked via rusthound
+
+(notes about intial lateral movement paths)
+
+(screenshot)
+
+---
+
+# portscan notes
+
+- [ ] gathered via cobalt strike portscan
+- [ ] host enumeration via cmd
+- [ ] gathered via powershell
+- [ ] gathered via nmap
+- [ ] gathered via other tool (specify here)
+
+(screenshot)
+
+SSH count: 
+FTP count:
+RDP count:
+MSSQL count:
+mysql count:
+(continue as needed)
+
+---