ENNAENNA

Inveigh

BSD-3-Clause

๐Ÿ”ฅ Offensive Ops ยท C#

Inveigh is a .NET/PowerShell tool for network protocol poisoning and relay attacks on Windows networks. It spoofs LLMNR, NBNS, mDNS, DNS, and DHCPv6 responses to capture NTLMv1/v2 hashes from hosts attempting name resolution. Beyond simple hash capture, Inveigh includes an SMB relay module that forwards captured authentication to other hosts for immediate code execution without cracking. The .NET version (InveighZero) runs as a standalone executable without PowerShell dependencies, evading script-based detections. It is the Windows-native alternative to Responder.

3.0kstars
466forks
20issues
Updated 5mo ago
+I use this
View on GitHub

Installation

$ git clone https://github.com/Kevin-Robertson/Inveigh.git

Use Cases

  • Capturing NTLM hashes via name resolution poisoning
  • SMB relay attacks for lateral movement
  • DHCPv6 spoofing for credential interception
  • Windows-native alternative to Responder

Tags

llmnr-poisoningntlm-relaycredential-captureactive-directoryname-resolution

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
C#
License
BSD-3-Clause
Platforms
๐ŸชŸwindows

Links

GitHub Repository

github.com/Kevin-Robertson/Inveigh

Releases

github.com/Kevin-Robertson/Inveigh/releases

Issues

github.com/Kevin-Robertson/Inveigh/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

Compare Inveigh vs Responder

CrackMapExec

Python

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Compare Inveigh vs CrackMapExec

NetExec

Python

Network execution tool - the maintained successor to CrackMapExec. SMB, LDAP, WinRM, SSH, MSSQL, and more.

Compare Inveigh vs NetExec

PetitPotam

Python

NTLM relay coercion tool. Forces Windows machines to authenticate via MS-EFSRPC, enabling relay attacks for domain compromise.

Compare Inveigh vs PetitPotam

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound