This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
user="CHANGEME" | |
pages=$(curl -I https://api.github.com/users/$user/starred | sed -nr 's/^Link:.*page=([0-9]+).*/\1/p') | |
for page in $(seq 0 $pages); do | |
curl "https://api.github.com/users/$user/starred?page=$page&per_page=100" | jq -r '.[].html_url' | | |
while read rp; do | |
git clone $rp | |
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
# New function naming schema: | |
# Verbs: | |
# Get : retrieve full raw data sets | |
# Find : ‘find’ specific data entries in a data set |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/) | |
# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993 | |
# get all the groups a user is effectively a member of, 'recursing up' | |
Get-NetGroup -UserName <USER> | |
# get all the effective members of a group, 'recursing down' | |
Get-NetGroupMember -GoupName <GROUP> -Recurse | |
# get the effective set of users who can administer a server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Below is a cheatsheet for creating SQL Server client connection strings and finding them in common configuration files. | |
------------------------------------------------------------------ | |
CREATING CONNECTION STRINGS | |
------------------------------------------------------------------ | |
---------------------- | |
Authentication Options | |
---------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Carbon Black Evil PowerShell LSASS Query | |
# | |
# Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe | |
# | |
# Author: Jason Lang (@curi0usJack) | |
# | |
# Prereqs (Windows 10) | |
# Install bash on Win10 | |
# sudo apt-get install python-pip | |
# sudo pip install --upgrade requests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//https://github.com/twelvesec/passcat | |
//GNU General Public License v3.0 | |
//@maldevel | |
//... | |
static void _handle_credentials(std::string hostname, std::string encUsername, std::string encPassword) { | |
int len = 0; | |
char *decoded; | |
int adjust = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
# Vigenere Cipher solver thing | |
# by fattire / github.com/fat-tire | |
# for puzzle at http://www.recruitahacker.net/Puzzle | |
# For more, see: https://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher | |
import string | |
key = "aaaaaaaaaaaaaaaaaa" # Gotta start somewhere | |
newkey = "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ARCYBER cipher text generator | |
# Modified from existing code on the internet | |
def subchar(a, b): | |
return (((ord(b)-97) - (ord(a)-97)) % 26) + 97 | |
def getkey(question, answer): | |
assert len(question) == len(answer), 'Length mismatch' | |
q = question.lower() | |
a = answer.lower() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# Shellshock Console | |
# Created by rstoner (Ron Stoner) | |
# for Hackmethod 2017 CTF challenges | |
# | |
# Replace {webserver} and {scriptname} with targets | |
which curl &>/dev/null | |
if [[ $? -ne 0 ]]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?XML version="1.0"?> | |
<scriptlet> | |
<registration | |
progid="PoC" | |
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
<!-- Proof Of Concept - Casey Smith @subTee --> | |
<!-- License: BSD3-Clause --> | |
<script language="JScript"> | |
<![CDATA[ | |
OlderNewer