| # Moved to https://github.com/lanmaster53/pyscripter-er/tree/master/snippets |
| # search for and reproduce output that matches a specific regex. | |
| alias search { | |
| local('$regex $regex2 $entry $event $bid $out $when'); | |
| # take all of the args, without processing/parsing as normal. | |
| if (strlen($0) > 7) { | |
| $regex = substr($0, 7); | |
| } | |
| else { | |
| berror($1, "search [regex]"); |
We can do this by experimenting with .config files.
Many defenders catch/detect files that are renamed, they do this by matching Original Filename to Process Name
In this example, we don't have to rename anything. We simple coerce a trusted signed app to load our Assembly.
We do this by directing the application to read a config file we provide.
Lost in Translation - A repository of the leaked tools
MS17-010 - Port of some of the exploits to Windows 10
| # Converts OpenAI compatible function calling JSON schema to a prompt that instructs the LLM to return | |
| # a JSON object that is a choice of a function call conforming to one of the functions or a message reply | |
| def convert_schema_to_typescript(schema): | |
| if not schema: | |
| return 'any' | |
| if '$ref' in schema: | |
| return schema['$ref'].replace('#/definitions/', '') |
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
In episode 338 of the 7 Minute Security podcast, I talked about a recent engagement where I helped a customer do a bit of a SIEM solution bake-off. This gist is the companion to that episode, and is broken down into the following two sections:
Questionnaire - a series of questions you can ask SIEM vendors to gather as many data points about their products and services as possible
SIEM tests - a few tests you can conduct on your internal/external network to see if your SIEM solution indeed coughs up alerts on some things it should indeed whine about
