CrackMapExec 5.4.0
Home
Discord
Author
Search
⌃
K
Links
💞
A swiss army knife for Pentesting networks
Author
1⃣
Tool
🟢
Linux
Docker
🟢
Parameters
Scan Optimization
🟢
Target Definition - CME
Protocols
1⃣
SMB CrackMapExec
2⃣
LDAP CrackMapExec
3⃣
MsSQL CrackMapExec
FTP CrackMapExec
SSH CrackMapExec
RDP CrackMapExec
WinRM CrackMapExec
🥷
Integrations
🔴
BloodHound and CrackMapExec
🔴
DeathStar and CrackMapExec
🥷
Get Reverse Shell
🟢
CME Reverse Shell with Metasploit
🟢
CME Reverse Shell with Empire
🔴
CME Reverse Shell with Covenant
Use Cases
🔥
Scan for SMB Vulnerabilities using CrackMapExec
🔥
Dump Credentials with CrackMapExec
🔥
Anti Virus Bypass with CrackMapExec
🥷
Dump Credentials
Windows Machine
Linux Machine
🥷
Databases
Workspaces
Credentials
Powered By
GitBook
🟢
Target Definition - CME
CrackMapExec can use different types to define our target, we can use IPs, domains, CIDRs, Ranges, or a files containing all hosts.
Scan a subnet
crackmapexec <protocol> 192.168.10.0/24
Use a domain
crackmapexec <protocol> ms.poplabsec.com
Define multiple IP Ranges
crackmapexec <protocol> 192.168.2.0-28 192.168.10.1-67
Import IPs from a text File
crackmapexec <protocol> ~/hosts.txt
Use a Nmap output File
Use Nessus output file
Tool - Previous
Scan Optimization
Next - Protocols
SMB CrackMapExec
Last modified
7mo ago