@ethack
ethack / docker_image_ssh.sh
Created August 11, 2021 00:12
Transfer a docker image from one machine to another over SSH
#!/bin/bash
if [ $# -eq 0 ]; then
    cat <<EOF
Usage: $0 <docker image> <ssh args>
<docker image> the name of the image to transfer
<ssh args> all arguments are passed through to ssh to establish the connection
EOF
    exit 1
fi
Function Resolve-Host()
{
    Param(
        [Parameter(Mandatory=$true,Position=0)] $HostEntry,
        [Switch] $HostnameToIP,
        [Switch] $FlushDNS
    )
    If($FlushDNS)
    {
@ethack
ethack / 1 readme.md
Last active September 7, 2023 19:36
Threat Hunting Tools

How to install various tools useful for threat hunting.

FWIW: I didn't produce the content presented here (the outline from Edmond Lau's book). I've just copy-pasted it from somewhere over the Internet, but I cannot remember what exactly the original source is. I was also not able to find the author's name, so I cannot give him/her the proper credits.


Effective Engineer - Notes

What's an Effective Engineer?

@ethack
ethack / asn
Created June 18, 2018 12:15 — forked from nitefood/README.md
ASN/IP/Route/hostname command line lookup tool to map any network to the corresponding ASN and prefix
#!/bin/bash
############################################################################################################
# ----------------------------------------------------------------------
# ASN/IPv4/Prefix lookup tool. Uses Team Cymru's whois service for data.
# ----------------------------------------------------------------------
# example usage:
# asn <ASnumber> -- to lookup matching ASN data. Supports "as123" and "123" formats (case insensitive)
# asn <IP.AD.DR.ESS> -- to lookup matching route and ASN data
# asn <ROUTE> -- to lookup matching ASN data
@ethack
ethack / nosleep.ahk
Created March 2, 2017 11:54
NoSleep
CoordMode, Mouse, Screen
MouseGetPos, CurrentX, CurrentY
Loop {
    Sleep, 60000
    LastX := CurrentX
    LastY := CurrentY
    MouseGetPos, CurrentX, CurrentY
    If (CurrentX = LastX and CurrentY = LastY) {
@ethack
ethack / TypeClipboard.md
Last active October 10, 2024 02:37
Scripts that simulate typing the clipboard contents. Useful when pasting is not allowed.

It "types" the contents of the clipboard.

Why can't you just paste the contents, you ask? Sometimes pasting just doesn't work.

  • One example is in system password fields on OSX.
  • Sometimes you're working in a VM and the clipboard isn't shared.
  • Other times you're working via Remote Desktop and again, the clipboard doesn't work in password boxes such as the system login prompts.
  • You're connected via RDP, and both clipboard sharing and mounting of local drives are disabled. If the system doesn't have internet access there's no easy way to get things like payloads or PowerShell scripts onto it... until now.

Windows

The Windows version is written in AutoHotkey and easily compiles to an executable. It's a single-line script that maps Ctrl-Shift-V to type the clipboard.

@ethack
ethack / Notes.md
Last active September 5, 2015 07:02
InstallUtility Functions
@ethack
ethack / netkatz.cs
Last active September 7, 2023 19:40
Downloads and Executes Mimikatz In Memory From GitHub
using System;
using System.IO;
using System.Net;
using System.Text;
using System.IO.Compression;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
@ethack
ethack / reflect.py
Last active October 12, 2015 07:59 — forked from huyng/reflect.py
HTTP Reflector #python
#!/usr/bin/env python
# Reflects the requests from HTTP methods GET, POST, PUT, and DELETE
# Written by Nathan Hamiel (2010)
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
from optparse import OptionParser
class RequestHandler(BaseHTTPRequestHandler):
    def do_GET(self):