BPATTY[RELOADED] v1.2 release!
Release notes for v1.2
New/updated content
- atexec.py - new!
- bbot - new!
- docker - new!
- exiftool - new!
- farmer.exe - added code snippet to help the WebClient service start automatically
- gettgtpkinit.py - new!
- getst.py - new!
- gettgt.py - new!
- hashcat - corrected information about IPMI cracking
- impacket - new!
- jq - new! - starting with a command to take just computer names and descriptions out of a computers.json file from BloodHound
- klist - new!!
- metasploit - added information about using an RHOSTS file, as well as logging all output to a "spool" file
- mergy.py - new! - takes a list of machines running WebClient and smashes it together with an output file full of machine names and descriptions
- net.py - new!
- netexec - added better way to find hosts without SMB signing, as well as finding/sorting shares
- nmap - added notes about finding "up" hosts from IPMI scan
- FGDS.sh - new! - script for Google dorking while also using ProtonVPN to rotate IPs
- pingloop.sh - new! - when you need to ping sweep through a list of hosts regularly to monitor when they come online!
- ProtonVPN command line reference - new!
- ProtonVPN IP cycler - new! - script to rotate your ProtonVPN IP every few minutes
- rbcd.py - new!
- secretsdump.py - added correction to dumping hashes with history included
- smbclient.py - new!
- winrm - new! - for remoting into stuff
- wmiexec.py - new!
- pywhisker.py - new!
New things in the oven for future releases
Tools
- CanaryTokens and other things in this nice Twitter thread
- ffuf
- SmartDeploy notes (I'm currently playing with a trial version) - it won't meet my imaging needs unfortunately :-(
- Stirling-PDF
- Wazuh quick start guide
General cleanup
- Review all docs tagged with review
- Go back into each tool page and provide the source download link
- Under review: a BPATTY reader noted "I’d have to disagree with your comment in certipy.py on bpatty, about a 401 unauthorized means the endpoint has been hardened. A 401 is exactly what we want as the web app is blocking us as we didn’t provide creds to log on. Having the site accessible is good news. Having a 403 Forbidden on the other hand, is generally bad news and I’ve never had this work."
Software and misc guides
- Audit-Inspector
- ADEssentials - looks interesting...a tool for healthy Active Directory management
- GOAD - lots of podcast listeners ask about this one
- Logging and alerting best practices according to CISA
- IPv6 - what's the best strategy to handle this from a security standpoint?
- O365 - perhaps a quick cheat sheet on common security policies for O365.
- RemoveBackgroundWebGPU for removing backgrounds from stuff
- SCCM - deploying automagically in a lab (I believe this is rolled into GOAD now).