/PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Primary LanguagePowerShellOtherNOASSERTION

PowerUpSQLLogo

licence badge wiki Badge stars badge forks badge issues badge |

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution. It is intended to be used during internal penetration tests and red team engagements. However, PowerUpSQL also includes many functions that can be used by administrators to quickly inventory the SQL Servers in their ADS domain and perform common threat hunting tasks related to SQL Server.

PowerUpSQL Wiki

For setup instructions, cheat sheets, blogs, function overviews, and usage information check out the wiki: https://github.com/NetSPI/PowerUpSQL/wiki

Author, Contributors, and License

  • Author: Scott Sutherland (@_nullbind), NetSPI - 2017
  • Major Contributors: Antti Rantasaari and Eric Gruber (@egru)
  • Contributors: Alexander Leary (@0xbadjuju), @leoloobeek, Andrew Luke(@Sw4mpf0x), Mike Manzotti (@mmanzo_), and @ktaranov
  • License: BSD 3-Clause
  • Required Dependencies: None