NetSPI Releases Two Open-Source Tools for the Information Security Community

Published: Aug. 9, 2022 at 10:00 AM EDT

The tools help defense teams discover vulnerable network shares and identify adversary behaviors

MINNEAPOLIS, Aug. 9, 2022 /PRNewswire/ -- NetSPI, the leader in enterprise penetration testing and attack surface management, today unveiled two new open-source tools for the information security community: PowerHuntShares and PowerHunt.

NetSPI logo (PRNewsfoto/NetSPI)
NetSPI logo (PRNewsfoto/NetSPI)(PRNewswire)

These new adversary simulation tools were developed by NetSPI's Senior Director, Scott Sutherland, to help defense, identity and access management (IAM), and security operations center (SOC) teams discover vulnerable network shares and improve detections.

  • PowerHuntShares inventories, analyzes, and reports excessive privilege assigned to SMB shares on Active Directory domain joined computers. This capability helps address the risks of excessive share permissions in Active Directory environments that can lead to data exposure, privilege escalation, and ransomware attacks within enterprise environments.
  • PowerHunt, a modular threat hunting framework, identifies signs of compromise based on artifacts from common MITRE ATT&CK techniques and detects anomalies and outliers specific to the target environment. PowerHunt automates the collection of artifacts at scale using PowerShell remoting and perform initial analysis. It can also output easy to consume .csv files so that additional triage and analysis can be done using other tools and processes.

"I'm proud to work for an organization that understands the importance of open-source tool development and encourages innovation through collaboration," said Scott. "I urge the security community to check out and contribute to these tools so we can better understand our SMB share attack surfaces and improve strategies for remediation, together."

To see PowerHuntShares in action and explore the risks of excessive share permissions, read Scott's blog, or register for our upcoming webinar, How to Evaluate Active Directory SMB Shares at Scale. For those attending Black Hat on August 10-11, request a meeting with Scott at NetSPI booth #1687.

NetSPI's global penetration testing team has developed several open-source tools, including popular penetration testing tools PowerUpSQL and MicroBurst. Learn more about NetSPI's commitment to open-source tool development on the company's tool repository.

About NetSPI 

NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world's five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over one million assets to find four million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures. Follow us on FacebookTwitter, and LinkedIn.

Media Contacts:
Tori Norris, NetSPI
(630) 258-0277 
Inkhouse for NetSPI
(774) 451-5142

View original content to download multimedia:


The above press release was provided courtesy of PRNewswire. The views, opinions and statements in the press release are not endorsed by Gray Media Group nor do they necessarily state or reflect those of Gray Media Group, Inc.