A Post-Exploitation Framework written for .NET 5.0 (Previously known as .NET Core)
Following in the naming of the various *sploit projects, CoreSploit is designed to work with cross-platform agents that are made using the .NET Framework 5.0 and above.
GetDomainUser - Pulls user information from an LDAP Server
GetDomainGroup - Pulls group information from an LDAP Server
GetDomainComputer - Pulls computer information from an LDAP Server
GetEnableLua - Checks that status of EnableLua in a GPO Object
GetFilterAdministratorToken - Checks that status of FilterAdministratorToken in a GPO Object
GetLocalAccountTokenFilterPolicy - Checks that status of LocalAccountTokenFilterPolicy in a GPO Object
GetSeDenyNetworkLogonRight - Checks that status of SeDenyNetworkLogonRight in a GPO Object
GetSeDenyRemoteInteractiveLogonRight - Checks that status of SeDenyRemoteInteractiveLogonRight in a GPO Object
GetProcessList - Get a list of processes on the host
GetDirectoryListing - Get a directory listing on the host
GetHostname - Get hostname
GetUsername - Get current username
TakeScreenshot - Take a screenshot of the host
PortScan - Check if a port is open on a host
Ping - Check if a host is up
SMBAdminCheck - Using PassTheHash and SMB to check if a user is admin
SMBExecute - Using PassTheHash and SMB to execute a command
WMIAdminCheck- Using PassTheHash and WMI to check if a user is admin
WMIExecute- Using PassTheHash and WMI to execute a command
- Dennis Panagiotopoulos (@den_n1s) for the GPO Setting Enumeration code.
- Ryan Cobb (@cobbr_io) for the initial SharpSploit project which a lot of this code is heavily based on.
- Kevin Robertson (@kevin_robertson) for his Invoke-TheHash code, which the CoreSploit Pass the Hash functionality comes from.
- Matt Graeber (@mattifestation), Will Schroeder (@harmj0y), and Ruben (@FuzzySec) - For their work on PowerSploit.