###how to install elasticsearch with kibana
#if you use the "docker WSL 2 enngine" then run the 3 command bellow, 1 at the time:
sysctl -w vm.max_map_count=262144
wsl -d docker-desktop
exit
Jonathan Todd jt0dd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://192.168.191.31:8006/ | |
| $i="$env:USERPROFILE\Desktop\EricZimmermanTools"; (New-Object Net.WebClient).DownloadFile('https://f001.backblazeb2.com/file/EricZimmermanTools/Get-ZimmermanTools.zip',"${i}.zip"); Expand-Archive "$i.zip" -DestinationPath $i; Remove-Item "$i.zip"; PowerShell "$i\Get-ZimmermanTools.ps1" -Dest "$i\Tools" | |
| & "$i\Tools\net6\PECmd.exe" -d "C:\Windows\Prefetch" --json "$i\Outputs" --csv "$i\Outputs" | |
| & "$i\Tools\net6\TimelineExplorer\TimelineExplorer.exe" | |
| & "$i\Tools\net6\EvtxECmd\EvtxECmd.exe" -d "C:\Windows\System32\winevt\Logs" --json "$i\Outputs" --csv "$i\Outputs" |
jt0dd
/ polling.js
Created
April 8, 2024 17:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| async function executeCommands(ssh, commands) { | |
| let commandOutput = ''; // Collect command output | |
| let currentIndex = 0; // Track the current command index | |
| let outputs = [] | |
| // Function to write the next command if available | |
| const writeNextCommand = () => { | |
| if (currentIndex < commands.length) { | |
| console.log('Executing command:', commands[currentIndex], 'of commands', commands); |
jt0dd
/ vagrant output.txt
Created
April 18, 2022 06:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS E:\red_team_attack_lab-main> vagrant up | |
| Bringing machine 'dc01' up with 'virtualbox' provider... | |
| Bringing machine 'win2022-1' up with 'virtualbox' provider... | |
| Bringing machine 'win2019-adcs' up with 'virtualbox' provider... | |
| Bringing machine 'win2019-1' up with 'virtualbox' provider... | |
| Bringing machine 'win10-1' up with 'virtualbox' provider... | |
| Bringing machine 'win10-2' up with 'virtualbox' provider... | |
| Bringing machine 'win11-1' up with 'virtualbox' provider... | |
| Bringing machine 'win10-dev' up with 'virtualbox' provider... | |
| Bringing machine 'win7-1' up with 'virtualbox' provider... |
jt0dd
/ how to install elasticsearch with kibana.md
Created
March 31, 2022 01:17
— forked from ionutale/how to install elasticsearch with kibana.md
a small guide to install elasticsearch stack on WSL 2 docker engine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // my project is built with a framework I built called Manifest.JS, almost every file looks just like this: | |
| // creates a webpage element, the first two arguments are all you need to understand to complete this work: | |
| const elem = new Element('div', settingsObj) | |
| elem.appendTo(document.body) | |
| // to decide what happens in the element, settingsObj looks like this and every property is optional (empty settings would create an empty element): | |
| { | |
| name: 'hi', // helps debugging, just a name | |
| traits: { |
jt0dd
/ example.js
Created
October 8, 2021 21:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function replace(ref) { | |
| ref = {}; // this code does _not_ affect the object passed | |
| } | |
| function update(ref) { | |
| ref.key = 'newvalue'; // this code _does_ affect the _contents_ of the object | |
| } | |
| var a = { key: 'value' }; | |
| replace(a); // a still has its original value - it's unmodfied |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function isObjNotArray(obj) { | |
| return obj && typeof obj == 'object' && !Array.isArray(obj) | |
| } | |
| function isIterable(obj) { | |
| let type = false | |
| if (isObjNotArray(obj)) type = 'obj' | |
| else if (Array.isArray(obj)) type = 'arr' | |
| return type | |
| } |
jt0dd
/ binary obfuscation
Created
August 29, 2021 14:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Binary obfuscation employed thoroughly. It is prevalent to note the distinction between preventing reverse engineering and preventing fingerprinting. A tool that makes software incredibly difficult to reverse-engineer often involves binary obfuscation structures that would be trivial to fingerprint. | |
| Employ memory and data scraping prevention. If a program saves a string in memory, ensure it is represented in a randomized, encoded manner to avoid behaving as a signature via memory scraper. If the original executable contains any image or alternate data, ensure this is obfuscated randomly and effectively before delivery to the target. | |
| Evade AV emulation (pre-execution) detection products via black box attacks. See AVLeak, Blackthorne et al (video presentation if preferred, Blackhat 2016). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Set-mppreference –DisableRealtimeMonitoring $TRUE | |
| new-item "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" | |
| Get-psdrive | |
| Start-transcript | out-null | |
| Set-ExecutionPolicy Unrestricted | |
| Update-Help -Force | |
| -ErrorAction SilentlyContinue | |
| 2>$null 2>\dev\null | |
| set-alias edit notepad.exe | |
| Get-process | get-member |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| py Tensorflow\models\research\object_detection\export_inference_graph.py --input_type image_tensor --pipeline_config_path Tensorflow\workspace\models\my_ssd_mobnet\pipeline.config --trained_checkpoint_prefix Tensorflow\workspace\pre-trained-models\ssd_mobilenet_v2_fpnlite_640x640_coco17_tpu-8\checkpoint\ckt-5.data-00000-of-00001 --output_directory Tensorflow\workspace\models\my_ssd_mobnet\export | |
| 2021-07-16 12:06:25.701510: I tensorflow/stream_executor/platform/default/dso_loader.cc:53] Successfully opened dynamic library cudart64_110.dll | |
| 2021-07-16 12:06:28.075448: I tensorflow/stream_executor/platform/default/dso_loader.cc:53] Successfully opened dynamic library nvcuda.dll | |
| 2021-07-16 12:06:28.093311: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1733] Found device 0 with properties: | |
| pciBusID: 0000:01:00.0 name: NVIDIA GeForce RTX 2080 SUPER computeCapability: 7.5 | |
| coreClock: 1.845GHz coreCount: 48 deviceMemorySize: 8.00GiB deviceMemoryBandwidth: 462.00GiB/s | |
| 2021-07-16 12:06:28.093541: I t |
NewerOlder