CrackMapExec vs Inveigh
GitHub Stats
About CrackMapExec
CrackMapExec is a versatile tool for pentesting Active Directory environments, offering capabilities for SMB, LDAP, MSSQL, and WinRM enumeration and exploitation. It facilitates lateral movement and credential spraying attacks while providing a comprehensive interface for testing domain credentials and configurations. Written in Python, it is favored by security professionals for its integration with offensive security operations, allowing for efficient discovery and exploitation of network vulnerabilities.
About Inveigh
Inveigh is a .NET/PowerShell tool for network protocol poisoning and relay attacks on Windows networks. It spoofs LLMNR, NBNS, mDNS, DNS, and DHCPv6 responses to capture NTLMv1/v2 hashes from hosts attempting name resolution. Beyond simple hash capture, Inveigh includes an SMB relay module that forwards captured authentication to other hosts for immediate code execution without cracking. The .NET version (InveighZero) runs as a standalone executable without PowerShell dependencies, evading script-based detections. It is the Windows-native alternative to Responder.
Platform Support
Tags
Shared
CrackMapExec only
Inveigh only