Skip to content

Instantly share code, notes, and snippets.

CCob / patchless_amsi.h
Created Apr 17, 2022
In-Process Patchless AMSI Bypass
View patchless_amsi.h
#include <windows.h>
static const int AMSI_RESULT_CLEAN = 0;
PVOID g_amsiScanBufferPtr = nullptr;
unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) {
HarmJ0y / Jenkinsfile
Created Nov 2, 2020
Rubeus Jenkinsfile
View Jenkinsfile
@Library('ci-jenkins-common') _
// Jenkins build pipeline (declarative)
// Project: Seatbelt
// URL:
// Author: @tifkin_/@harmj0y
// Pipeline Author: harmj0y
def gitURL = ""
s0h3ck / notes
Last active Jun 30, 2021
Quick Discord Notes - Training: Active Defense & Cyber Deception w/ John Strand [04-09-2020]
View notes
AV Products or Companies:
Carbon Black
Check Point
Elastic Endpoint Security
TarlogicSecurity /
Created May 14, 2019
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet



python -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

jeffmcjunkin / gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Last active Sep 8, 2022
Useful Cypher queries for BloodHound
View gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
WITH as n,
jhaddix / cloud_metadata.txt
Last active Sep 24, 2022 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
psignoret / Get-AzureADPSPermissions.ps1
Last active Sep 26, 2022
Script to list all delegated permissions and application permissions in Azure AD
View Get-AzureADPSPermissions.ps1
Lists delegated permissions (OAuth2PermissionGrants) and application permissions (AppRoleAssignments).
.PARAMETER DelegatedPermissions
If set, will return delegated permissions. If neither this switch nor the ApplicationPermissions switch is set,
both application and delegated permissions will be returned.
.PARAMETER ApplicationPermissions
If set, will return application permissions. If neither this switch nor the DelegatedPermissions switch is set,
mikepsinn / install-choco-script.bat
Last active Dec 30, 2021
Windows server Choco automated install script
View install-choco-script.bat
:: Download this and execute as admin
:: Install choco .exe and add choco to PATH
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString(''))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
choco feature enable -n allowGlobalConfirmation
:: Just install node stuff manually. Trust me.
:: choco install nodejs-lts --install-directory='C:\nodejs' -fy
:: npm install -g gulp cordova@6.5.0 ionic@2.2.3 bower
ropnop /
Last active Jun 6, 2021
A quick tool to bruteforce an AD user's password by requesting TGTs from the Domain Controller with 'kinit'
# Title:
# Author: @ropnop
# Description: This is a PoC for bruteforcing passwords using 'kinit' to try to check out a TGT from a Domain Controller
# The script configures the realm and KDC for you based on the domain provided and the domain controller
# Since this configuration is only temporary though, if you want to actually *use* the TGT you should actually edit /etc/krb5.conf
# Only tested with Heimdal kerberos (error messages might be different for MIT clients)
# Note: this *will* lock out accounts if a domain lockout policy is set. Be careful
jbratu / setupiisforsslperfectforwardsecrecy_v17.ps1
Last active Sep 20, 2022
Great powershell script for tightening HTTPS security on IIS and disabling insecure protocols and ciphers. Very useful on core installations.
View setupiisforsslperfectforwardsecrecy_v17.ps1
# Copyright 2019, Alexander Hass
# After running this script the computer only supports:
# - TLS 1.2
# Version 3.0.1, see CHANGELOG.txt for changes.
Write-Host 'Configuring IIS with SSL/TLS Deployment Best Practices...'
Write-Host '--------------------------------------------------------------------------------'