CredPhish – A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS

August 1, 2021

CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender’s ConfigSecurityPolicy.exe to perform arbitrary GET requests.

For a walkthrough, see the Black Hills Infosec publication.

Download CredPhish

click here to read full Article

Read More on Pentesting Tools

Tags: Credential CredPhish Cybersecurity Designed DNS ethical hacking Exfiltrate hack android hack app hack wordpress hacker news hacking hacking tools for windows Invoke keylogger kit kitploit Legitimate password brute force passwords penetration testing pentest pentest android pentest linux pentest toolkit pentest tools PowerShell Prompts script spy tool kit spyware tools

You may also like...

Leave a Reply Cancel reply