reddit hackernews mail facebook facebook linkedin


A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation.

Standard modules are used to interact against a single MS SQL server:
- Execute an arbitrary SQL query
- See what user you are logged in as, mapped as and what roles exist
- Show all databases present on the SQL server
- Show all tables in the database you specify
- Search column names within tables of the database you are connected to
- Capture NetNTLMv2 hash
- Enable/disable xp_cmdshell
- Execute an arbitrary system command
- Enable/disable OLE Automation Procedures
- Enable/disable Custom CLR Assemblies
- Load and execute a .NET assembly within a custom stored procedure
- Check to see if SQL agent is running and obtain jobs