Max
Max copied to clipboard
knavesec
Maximizing BloodHound. Max is a good boy.
John & Hashcat split LM hashes into two 16 hex char hashes (as per the LM algorithm) in their potfiles. This adds support for those hashes. A workaround for this...
The code at line 1104 is causing max.py to fail if I am using the dpat option. `num_pass_hashes_list.append([entry['row'][0], entry['row'][1], length, entry['row'][2], datetime.datetime.fromtimestamp(entry['row'][3])], )` The datetime conversion here fails, and causes...
Disclaimer - I by no means want to be that guy that makes a bunch of tool complaints. I have some time this month to help make these improvements. This...
Current Version: `C:\Tools\Max\max.py:1474: SyntaxWarning: invalid escape sequence '\ ' max = """` Seems like ASCII art is throwing a warning. Not an immediate fix, but I just wanted to give...
Make it so Max can be installed system wide. Surely such a good boy deserves to run around the whole house? In order for the publish to PyPi to work,...
Add new command to enumerate weak machine accounts. Generates a dictionary for password spraying or enumerates weak password with NTDS file. [Article](https://www.secura.com/uploads/whitepapers/Secura-WP-Timeroasting-v3.pdf) about weak machine passwords (TLDR: `WORKSTATION01$` can have...
Or maybe roll azure into existing queries? For some, this is already the case (like `--hvt`), but for some (like `--users`) Azure AD objects aren't included. Looking at the queries,...
Adds two new flags for `mark-owned`. `--userpass` tells Max that we're reading a file in the format of `username:password`. `--store` tells Max to put the passwords into the DB for...
Using the `query` option to run the command directly, we get nothing back if you run the full original command. If you split the command into sub-sections, they run fine....