I hereby claim:
- I am jlawhon on github.
- I am jlawhon (https://keybase.io/jlawhon) on keybase.
- I have a public key ASCsWBizCDPHZqtryDBVI2Oy9BjOtY2PkPD5zey747Y7PAo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/bin/bash | |
user="CHANGEME" | |
pages=$(curl -I https://api.github.com/users/$user/starred | sed -nr 's/^Link:.*page=([0-9]+).*/\1/p') | |
for page in $(seq 0 $pages); do | |
curl "https://api.github.com/users/$user/starred?page=$page&per_page=100" | jq -r '.[].html_url' | | |
while read rp; do | |
git clone $rp | |
done |
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
# New function naming schema: | |
# Verbs: | |
# Get : retrieve full raw data sets | |
# Find : ‘find’ specific data entries in a data set |
# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/) | |
# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993 | |
# get all the groups a user is effectively a member of, 'recursing up' | |
Get-NetGroup -UserName <USER> | |
# get all the effective members of a group, 'recursing down' | |
Get-NetGroupMember -GoupName <GROUP> -Recurse | |
# get the effective set of users who can administer a server |
Below is a cheatsheet for creating SQL Server client connection strings and finding them in common configuration files. | |
------------------------------------------------------------------ | |
CREATING CONNECTION STRINGS | |
------------------------------------------------------------------ | |
---------------------- | |
Authentication Options | |
---------------------- |
# Carbon Black Evil PowerShell LSASS Query | |
# | |
# Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe | |
# | |
# Author: Jason Lang (@curi0usJack) | |
# | |
# Prereqs (Windows 10) | |
# Install bash on Win10 | |
# sudo apt-get install python-pip | |
# sudo pip install --upgrade requests |
//https://github.com/twelvesec/passcat | |
//GNU General Public License v3.0 | |
//@maldevel | |
//... | |
static void _handle_credentials(std::string hostname, std::string encUsername, std::string encPassword) { | |
int len = 0; | |
char *decoded; | |
int adjust = 0; |
#!/usr/bin/python3 | |
# Vigenere Cipher solver thing | |
# by fattire / github.com/fat-tire | |
# for puzzle at http://www.recruitahacker.net/Puzzle | |
# For more, see: https://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher | |
import string | |
key = "aaaaaaaaaaaaaaaaaa" # Gotta start somewhere | |
newkey = "" |
# ARCYBER cipher text generator | |
# Modified from existing code on the internet | |
def subchar(a, b): | |
return (((ord(b)-97) - (ord(a)-97)) % 26) + 97 | |
def getkey(question, answer): | |
assert len(question) == len(answer), 'Length mismatch' | |
q = question.lower() | |
a = answer.lower() |
#!/bin/bash | |
# | |
# Shellshock Console | |
# Created by rstoner (Ron Stoner) | |
# for Hackmethod 2017 CTF challenges | |
# | |
# Replace {webserver} and {scriptname} with targets | |
which curl &>/dev/null | |
if [[ $? -ne 0 ]]; then |