#Go-to Tooling

What tools can you absolutely not live without when pentesting? There's always more than one tool for the job of course, but here's some of mine:

• nmap
• crackmapexec
• ADRecon
• Rubeus
• mimikatz
• Responder/Inveigh
• hashcat
• Eyewitness
• PowerView
• Bloodhound
• ssh (tunelling/SOCKS proxy etc)

What are you all bringing to the party?!

It really depends on what I’m working on obviously but I find burp extremely useful. It gives you a lot of information not to mention it’s great for attacking and enumerating.

I know proxychains has questionable reputation but I’ve found it to be really helpful last couple of times I’ve used it.

Did you notice how I didn’t mention Metasploit? 🤣😂

I forgot to mention if you’re attempting DNS IPv6 takeover, ntlmrelayx and mitm 6 are pretty useful as well.

All good points, and yeah mine was very infra focused I admit..... but Burp! How could I forget Burp!

Well since you mentioned eyewitness, I figured it wouldn’t exclusively be AD!

I did 😉

Although I hardly ever touch it for exploitation, it has it's moments for enumeration, and the handler's useful

Another to add is discover which is a great wrapper around recon tooling

Came across https://github.com/itm4n/PrivescCheck which is pretty good for a broad privilege escalation check. Definitely better than PowerUp

plus it's PSH not C#, so fairly easy to bypass AMSI and run

The entire impacket suite 👀

PingCastle