Impacket

Impacket is a powerful collection of Python classes focused on providing low-level access to network packets and protocol implementation. It allows users to construct packets from scratch or parse them from raw data, offering an object-oriented API to work with complex protocol hierarchies.

Key features:

• Protocol Support: Ethernet, IP, TCP, UDP, ICMP, SMB1-3, MSRPC, TDS, LDAP, and more.
• Authentication: Plain, NTLM, and Kerberos authentication with password/hashes/tickets/keys.
• Remote Execution Tools: psexec.py, smbexec.py, atexec.py, wmiexec.py, dcomexec.py for remote command execution.
• Kerberos Tools: getTGT.py, getST.py, getPac.py, GetUserSPNs.py for Kerberos exploitation.
• Windows Secrets Dumping: secretsdump.py for extracting secrets from remote machines.
• MiTM Attack Tools: ntlmrelayx.py for NTLM relay attacks, smbserver.py for setting up SMB servers.
• WMI Tools: wmiquery.py, wmipersist.py for WMI querying and persistence.
• File Format Tools: esentutl.py, ntfs-read.py, registry-read.py for parsing file formats.

Use cases:

• Penetration testing and red teaming.
• Network protocol analysis and exploitation.
• Automating tasks involving network protocols.
• Developing custom security tools.