This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import rdpcap, IP, TCP, DNS, DNSQR | |
| from collections import defaultdict | |
| import argparse | |
| def banner(): | |
| print(""" | |
| ╔═╗┌─┐┌─┐┌─┐ ╔═╗┌┐┌┌─┐┬ ┬ ┬┌─┐┌─┐┬─┐ | |
| ╠═╝│ ├─┤├─┘ ╠═╣│││├─┤│ └┬┘┌─┘├┤ ├┬┘ | |
| ╩ └─┘┴ ┴┴ ╩ ╩┘└┘┴ ┴┴─┘┴ └─┘└─┘┴└─ | |
| """) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Author: Jakob Friedl | |
| # Description: Generate powershell reverse shell payloads | |
| import sys | |
| import base64 | |
| import argparse | |
| parser = argparse.ArgumentParser(description="Powershell reverse shell generator") | |
| parser.add_argument('ip') |
jakobfriedl
/ mitre_parser.py
Last active
October 30, 2023 15:19
Parses MITRE ATT&CK enterprise tactics, techniques and sub-techniques to python list format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- Coding: UTF-8 -*- | |
| # Author: Jakob Friedl | |
| # Created on: Mon, 30. Oct. 2023 | |
| # Description: Parses MITRE ATT&CK enterprise tactics, techniques and sub-techniques | |
| from bs4 import BeautifulSoup | |
| import requests | |
| import re | |
| import urllib3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- Coding: UTF-8 -*- | |
| # Author: Jakob Friedl | |
| # Created on: Mon, 23. Oct 2023 | |
| # Description: Active Directory object enumeration for Havoc | |
| import havocui | |
| import havoc | |
| import re |
jakobfriedl
/ stager.nim
Created
October 24, 2023 10:43
Shellcode stager that loads remote shellcode directly into memory of specified process.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import winim | |
| import os | |
| import httpclient, streams | |
| import sequtils, strutils, strformat | |
| # Status indicators | |
| template success(s: varargs[untyped]): untyped = | |
| when DEBUG: | |
| echo "[+] ", s | |
| template fail(s: varargs[untyped]): untyped = |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- Coding: UTF-8 -*- | |
| # Author: Jakob Friedl | |
| # Created on: Mon, 16. Oct 2023 | |
| # Description: Shhhloader support for Havoc C2 framework | |
| # Usage: Load this script into Havoc: Scripts -> Scripts Manager -> Load to create Shhhloader Tab | |
| import os, sys, subprocess | |
| import threading | |
| import havoc |