faisalfs10x

#!/usr/bin/python3

"""
# GitHub: https://github.com/faisalfs10x

# Usage
M365-msgraphenum.py -auth <token_file> -mode user
M365-msgraphenum.py -auth <token_file> -mode roles
M365-msgraphenum.py -auth <token_file> -mode group
M365-msgraphenum.py -auth <token_file> -mode groupmember -gid <group_id>

faisalfs10x

#!/usr/bin/python3

import mmh3
import requests
import argparse
import codecs

requests.packages.urllib3.disable_warnings()
parser = argparse.ArgumentParser(description='Process a favicon.ico and calculate its hash')
parser.add_argument('url', help='The URL path to favicon.ico')

faisalfs10x

Set up an HTB (Hack The Box) OpenVPN client in Ubuntu 18 to act as a VPN gateway and forward traffic from your LAN, which includes a Kali machine, to the internal network of HTB.

---

• Problem: OpenVPN allow single connection concurrently to connect to the HTB lab. Hence, we can't distribute the OpenVPN config file to others as it will kick out the previously connected user.
• What to expect: Able to share connection with multiple clients within the same network to HTB lab via Ubuntu server as VPN gateway.
• Issue to expect: 1) Could not establish reverse shell directly to Kali machine.
• Workaround: 1) Use port forwarder eg, use socat or iptables in Ubuntu gateway and forward to Kali machine

---

faisalfs10x

<#
Meta
    Date: 2022 March 28th
    Authors: Dray Agha (Twitter @purp1ew0lf)
    Company: Huntress Labs
    Purpose: Automate setting up Sysmon and pulling Ippsec's sysmon IoC streamliner. Great for malware lab. 
#>

function admin_check{
    if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`

faisalfs10x

#!/usr/bin/env python3
#
#    Malaysian's Identification Number Generation Tool.
#    Copyright (C) 2022
#
#    MIT License
#
import argparse
from datetime import date, timedelta

faisalfs10x

#!/usr/bin/python3

# Obfuscate IP address to decimal
import sys

ip_address = sys.argv[1]

# Convert IP address, split into 4 list as a zero-padded 2-digit hex and join list with no separator.
hex_ip = ''.join(['{:02x}'.format(int(i)) for i in ip_address.split('.')])

faisalfs10x

sudo apt-get install -y proxychains4 tor

# update /etc/proxychains-tor.conf and /etc/tor/torrc with the given config

# restart tor service
sudo systemctl restart tor.service

# test the connection with proxychains + tor
while true; do proxychains -q -f /etc/proxychains-tor.conf curl ifconfig.me \n; done

faisalfs10x

#!/usr/bin/env python

import argparse
import sys
import binascii
import socket
import re
from ldap3 import Server, Connection, NTLM, ALL, SUBTREE, ALL_ATTRIBUTES

# get /etc/hosts entries for domain-joined computers from A and AAAA records (via LDAP/ADIDNS) (@3xocyte)

faisalfs10x

WiFi-Pentest-Cheat-Sheet

Repo: https://github.com/faisalfs10x/WiFi-Pentest-Cheat-Sheet

Useful Term/Tool:

    airmon-ng - To enable/disable monitor mode on wireless interfaces
    aireplay-ng - To inject packets into a wireless network, deauthentications attack
    airodump-ng - Wireless packet capture tool used for packet capturing of raw 802.11 frames

aircrack-ng - A 802.11 WEP / WPA-PSK key cracker

faisalfs10x

https://github.com/faisalfs10x/custom-yara-rules

Goal: identify unique patterns and strings

https://en.wikipedia.org/wiki/List_of_file_signatures

Note: executable in Linux (ELF) has the sequence 7f 45 4c 46 02 01 01 Note: On Windows (MZ) it’s 4D 5A. add this sequence of hexadecimal numbers to avoid false positives Note: Hexadecimal strings must be put between { }. $magic_bytes = { 7f 45 4c 46 02 01 01 } //linux elf