One of my most used and favourite tools on any infrastructure test. Keimpx is a fantastic little tool which allows the spraying of Windows password hashes to a host or a list of multiple hosts to test for valid credentials. Once it finds a valid match it offers the ability to gain a reverse shell to the remote host. So if you obtain some password hashes and cant crack the password or you do not want to this is the tool to use. You can create a list of all network hosts to test the hashes against and also test with multiple hash credentials.

It can also be used as a psexec style tool if you know the user name and password, this can also be tested against multiple systems. (don’t forget to use the -D option when testing with Domain credentials).

Thanks for Bernardo Damele for this great tool. Download here: