Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tokyoneon/CredPhish

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
https://github.com/tokyoneon/CredPhish

amsi antivirus-evasion backdoor bypass-antivirus c2 dns dns-server exfiltration information-security kali kali-linux kali-scripts offensive-security penetration-testing reverse-shell shell social-engineering

Last synced: about 2 months ago
JSON representation

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

Awesome Lists containing this project

README 

        
![](images/credphish.gif)



CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on [CredentialPicker](https://docs.microsoft.com/en-us/uwp/api/windows.security.credentials.ui.credentialpicker?view=winrt-19041) to collect user passwords, [Resolve-DnsName](https://docs.microsoft.com/en-us/powershell/module/dnsclient/resolve-dnsname) for DNS exfiltration, and Windows Defender's [ConfigSecurityPolicy.exe](https://lolbas-project.github.io/lolbas/Binaries/ConfigSecurityPolicy/) to perform arbitrary GET requests.



For a walkthrough, see the [Black Hills Infosec publication](https://www.blackhillsinfosec.com/how-to-phish-for-user-passwords-with-powershell/).