Pradyumna Joshi PSJoshi
z0rs
/ Red-Teaming-tool.md
Last active
May 18, 2024 06:41
rasbt
/ video-subtitles-via-whisper.py
Last active
September 19, 2023 21:14
Script that creates subtitles (closed captions) for all MP4 video files in your current directory
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Sebastian Raschka 09/24/2022 | |
| # Create a new conda environment and packages | |
| # conda create -n whisper python=3.9 | |
| # conda activate whisper | |
| # conda install mlxtend -c conda-forge | |
| # Install ffmpeg | |
| # macOS & homebrew | |
| # brew install ffmpeg | |
| # Ubuntu |
svch0stz
/ defenderwatch.ps1
Last active
November 18, 2022 01:03
WMI Watcher for Windows Defender RealtimeMonitoring
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $WMI = @{ | |
| Query = "SELECT * FROM __InstanceModificationEvent WITHIN 5 WHERE TargetInstance ISA 'MSFT_MpPreference' AND TargetInstance.DisableRealtimeMonitoring=True" | |
| Action = { | |
| #$Global:Data = $Event | |
| Write-Host "Defender Configuration change - DisableRealtimeMonitoring:"$Event.SourceEventArgs.NewEvent.TargetInstance.DisableRealtimeMonitoring"(Old Value:"$Event.SourceEventArgs.NewEvent.PreviousInstance.DisableRealtimeMonitoring")" | |
| } | |
| Namespace = 'root\microsoft\windows\defender' | |
| SourceIdentifier = "Defender.DisableRealtimeMonitoring" | |
| } | |
| $Null = Register-WMIEvent @WMI |
int0x80
/ SSH Agent Forwarding.md
Created
January 7, 2021 00:59
Here's one of my favorite techniques for lateral movement: SSH agent forwarding. Use a UNIX-domain socket to advance your presence on the network. No need for passwords or keys.
root@bastion:~# find /tmp/ssh-* -type s
/tmp/ssh-srQ6Q5UpOL/agent.1460
root@bastion:~# SSH_AUTH_SOCK=/tmp/ssh-srQ6Q5UpOL/agent.1460 ssh user@internal.company.tld
user@internal:~$ hostname -f
internal.company.tld
MSAdministrator
/ iranian_apit_groups_possible_commands.md
Last active
April 10, 2024 14:30
Iranian APT Groups & Possible Commands Used By These Groups
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
- APT33
- APT34
- APT39
- Charming Kitten
cecilemuller
/ 2019-https-localhost.md
Last active
June 18, 2024 21:43
How to create an HTTPS certificate for localhost domains
This focuses on generating the certificates for loading local virtual hosts hosted on your computer, for development only.
Do not use self-signed certificates in production ! For online certificates, use Let's Encrypt instead (tutorial).
bhavika
/ Pyleargist.md
Last active
March 6, 2022 13:10
mackwage
/ windows_hardening.cmd
Last active
June 24, 2024 05:08
Script to perform some hardening of Windows OS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: Windows 10 Hardening Script | |
| :: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering. | |
| :: Obligatory 'views are my own'. :) | |
| :: Thank you @jaredhaight for the Win Firewall config recommendations! | |
| :: Thank you @ricardojba for the DLL Safe Order Search reg key! | |
| :: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings! | |
| :: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater | |
| : |
hiddenillusion
/ From_scratch.md
Last active
November 7, 2023 04:50
| Name/Link | Description/Purpose | Tags |
|---|---|---|
| Uber's SSH CA | A pam module that will authenticate a user based on them having an ssh certificate in their ssh-agent signed by a specified ssh CA. | Linux |
| Netflix's BLESS | An SSH Certificate Authority that runs as an AWS Lambda function and is used to sign SSH public keys. | AWS,Linux |
| SSH Cert Authority | An implementation of an SSH certificate authority/ | |
| Square's Sharkey | Sharkey is a service for managing certificates for use by OpenSSH | Linux |
| Google's IAP | Cloud Identity-Aware Proxy (Cloud IAP) controls access to your cloud applications running on Google Cloud Platform. Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application. | Google Cloud Platform |
queencitycyber
/ gist:d17f0093ee0130f3d4c4488b57d06986
Created
January 4, 2017 04:23
Running guide for CTF's
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Good detailed info on running solid CTF: https://github.com/pwning/docs/blob/master/suggestions-for-running-a-ctf.markdown | |
| General Notes: | |
| - Announce on ctftime.org | |
| - Make flag easy! | |
| "Flag=somsomething" | |
| - Make flag very permissible (insensitive, accept multiple features, etc) | |
| - Deliver files via HTTP | |
NewerOlder