Sep 14, 2023, 02:46 AM
https://camo.githubusercontent.com/be086...382e676966
Ladon is a modular network penetration tool that can be PowerShell modularized, CS plug-inable, memory loaded, and has no file scanning. It includes port scanning, service identification, network asset detection, password auditing, high-risk vulnerability detection, vulnerability exploitation, password reading and one-click GetShell. It supports batch A/B/C and cross-network segment scanning. It supports URL, host, Domain name list scanning, etc. Version 11.0 has 234 built-in functional modules, 32 protocols of the network asset detection module (ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP) and methods to quickly obtain the target network surviving host IP, computer name, workgroup, shared resources, network card address, operating system version, website, subdomain name, middleware, open services, routers, switches, databases, printers and other information, 16 high-risk vulnerability detections include Cisco, Zimbra, Exchange , DrayTek, MS17010, SMBGhost, Weblogic, ActiveMQ, Tomcat, Struts2 series, Printer, etc., password audit 23 databases (Mysql, Oracle, MSSQL), FTP, SSH, VNC, Windows (LDAP, SMB/IPC, NBT, WMI , SmbHash, WmiHash, Winrm), BasicAuth, Tomcat, Weblogic, Rar, etc., remote execution commands include (smbexec/wmiexe/psexec/atexec/sshexec/webshell), and the Web fingerprint identification module can identify 135+ (Web applications, middleware, Script type, page type), etc., local privilege escalation 21+ includes SweetPotato\BadPotato\EfsPotato\BypassUAC, highly customizable plug-in POC supports plug-ins written in .NET assemblies, DLL (C#/Delphi/VC), PowerShell and other languages. Supports batch calling of any external program or command by configuring INI, and the EXP generator can generate vulnerability POC with one click to quickly expand scanning capabilities. Ladon supports Cobalt Strike plug-in scanning to quickly expand the intranet for lateral movement.
More information: http://k8gege.org/Ladon/
News article: https://www.theregister.com/2022/08/09/c...kaspersky/
Writing plugins with ChatGPT: https://github.com/k8gege/ChatLadon
Very versatile and very strong tool to use. I am not responsible for how you use it.
Download: https://github.com/k8gege/Ladon
Throw a thanks if you like what I share. Enjoy.
Ladon is a modular network penetration tool that can be PowerShell modularized, CS plug-inable, memory loaded, and has no file scanning. It includes port scanning, service identification, network asset detection, password auditing, high-risk vulnerability detection, vulnerability exploitation, password reading and one-click GetShell. It supports batch A/B/C and cross-network segment scanning. It supports URL, host, Domain name list scanning, etc. Version 11.0 has 234 built-in functional modules, 32 protocols of the network asset detection module (ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP) and methods to quickly obtain the target network surviving host IP, computer name, workgroup, shared resources, network card address, operating system version, website, subdomain name, middleware, open services, routers, switches, databases, printers and other information, 16 high-risk vulnerability detections include Cisco, Zimbra, Exchange , DrayTek, MS17010, SMBGhost, Weblogic, ActiveMQ, Tomcat, Struts2 series, Printer, etc., password audit 23 databases (Mysql, Oracle, MSSQL), FTP, SSH, VNC, Windows (LDAP, SMB/IPC, NBT, WMI , SmbHash, WmiHash, Winrm), BasicAuth, Tomcat, Weblogic, Rar, etc., remote execution commands include (smbexec/wmiexe/psexec/atexec/sshexec/webshell), and the Web fingerprint identification module can identify 135+ (Web applications, middleware, Script type, page type), etc., local privilege escalation 21+ includes SweetPotato\BadPotato\EfsPotato\BypassUAC, highly customizable plug-in POC supports plug-ins written in .NET assemblies, DLL (C#/Delphi/VC), PowerShell and other languages. Supports batch calling of any external program or command by configuring INI, and the EXP generator can generate vulnerability POC with one click to quickly expand scanning capabilities. Ladon supports Cobalt Strike plug-in scanning to quickly expand the intranet for lateral movement.
More information: http://k8gege.org/Ladon/
News article: https://www.theregister.com/2022/08/09/c...kaspersky/
Writing plugins with ChatGPT: https://github.com/k8gege/ChatLadon
Very versatile and very strong tool to use. I am not responsible for how you use it.
Download: https://github.com/k8gege/Ladon
Throw a thanks if you like what I share. Enjoy.