Phrozen InfoSec Tools - Papers

PowerBruteLogon is a ported version of WinBruteLogon in pure PowerShell

Notice that this version is slower than WinBruteLogon but has the advantage to be 100% coded in PowerShell. In a near future, I will try to implement jobs to improve the speed of logon testing.

Be aware that both WinBruteLogon and PowerBruteLogon are very noisy, each failed attempt will result in a new "Bad Logon" log entry on Windows.

For more information about the whole concept behind this project, please read the following article

Read more...

Local version

You can find another variant of this program which doesn't requires Networking function and also compatible with any application like Netcat, Telnet etc... here : (RunAsAttached)[https://www.phrozen.io/paper/infosec-tools/runasattached]

RunAsAttached (Local) version is more stable.

The goal of Networked version was to demonstrate inter-process communication using Socket programming.

RunAsAttached (Networked) - 32bit / 64bit

RunAsAttached is a program to run a console as another user and keep new console attached to caller console. Support reverse shell mode (Ex: Netcat)

Read more...

RunAs Attached (Local) - 32bit / 64bit

RunAsAttached is a program to locally run a new terminal as another user without spawning a new console window.

Very useful during Penetration Tests to escalate as another user without while having an initial shell.

It mimic the "su" program from UNIX systems but for Windows (natively)

Read more...

RunAs (Microsoft Windows) - 32bit / 64bit.

This program is an example about how to easily run any programs as any user.

Usage

Mandatory

  • -u <username> : Launch program as defined username.
  • -p <password> : Password associated to username account.
  • -e <program> : Executable path (Ex: notepad.exe).
Read more...