How to install various tools useful for threat hunting.
#!/bin/bash
if [ $# -eq 0 ]; then
    cat <<EOF
Usage: $0 <docker image> <ssh args>
    <docker image>  the name of the image to transfer
    <ssh args>      all arguments are passed through to ssh to establish the connection
EOF
    exit 1
fi
Function Resolve-Host()
{
    Param(
        [Parameter(Mandatory=$true,Position=0)] $HostEntry,
        [Switch] $HostnameToIP,
        [Switch] $FlushDNS
    )
    If($FlushDNS)
    {
FWIW: I didn't produce the content presented here (the outline from Edmond Lau's book). I've just copy-pasted it from somewhere over the Internet, but I cannot remember what exactly the original source is. I was also not able to find the author's name, so I cannot give him/her the proper credits.
- By Edmond Lau
- Highly Recommended 👍
- http://www.theeffectiveengineer.com/
#!/bin/bash
############################################################################################################
# ----------------------------------------------------------------------
# ASN/IPv4/Prefix lookup tool. Uses Team Cymru's whois service for data.
# ----------------------------------------------------------------------
# example usage:
# asn <ASnumber> -- to lookup matching ASN data. Supports "as123" and "123" formats (case insensitive)
# asn <IP.AD.DR.ESS> -- to lookup matching route and ASN data
# asn <ROUTE> -- to lookup matching ASN data
CoordMode, Mouse, Screen
MouseGetPos, CurrentX, CurrentY
Loop {
    Sleep, 60000
    LastX := CurrentX
    LastY := CurrentY
    MouseGetPos, CurrentX, CurrentY
    If (CurrentX = LastX and CurrentY = LastY) {
It "types" the contents of the clipboard.
Why can't you just paste the contents, you ask? Sometimes pasting just doesn't work.
- One example is in system password fields on OSX.
- Sometimes you're working in a VM and the clipboard isn't shared.
- Other times you're working via Remote Desktop and again, the clipboard doesn't work in password boxes such as the system login prompts.
- You're connected via RDP, and both clipboard sharing and mounting of local drives are disabled. If the system doesn't have internet access there's no easy way to get things like payloads or PowerShell scripts onto it... until now.
The Windows version is written in AutoHotKey and easily compiles to an executable. It's a single-line script that maps Ctrl-Shift-V to type the clipboard.
Interactive App That Execs Inside of InstallUtil. An MS Signed Binary. Prototype. More Soon
10:41 PM - 3 Sep 2015
using System;
using System.IO;
using System.Net;
using System.Text;
using System.IO.Compression;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
#!/usr/bin/env python
# Reflects the requests from HTTP methods GET, POST, PUT, and DELETE
# Written by Nathan Hamiel (2010)
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
from optparse import OptionParser
class RequestHandler(BaseHTTPRequestHandler):
    def do_GET(self):