ropnop

#!/bin/bash

# Title: kinit_brute.sh
# Author: @ropnop
# Description: This is a PoC for bruteforcing passwords using 'kinit' to try to check out a TGT from a Domain Controller
# The script configures the realm and KDC for you based on the domain provided and the domain controller
# Since this configuration is only temporary though, if you want to actually *use* the TGT you should actually edit /etc/krb5.conf
# Only tested with Heimdal kerberos (error messages might be different for MIT clients)
# Note: this *will* lock out accounts if a domain lockout policy is set. Be careful

mikepsinn

:: Download this and execute as admin

:: Install choco .exe and add choco to PATH
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

choco feature enable -n allowGlobalConfirmation

:: Just install node stuff manually.  Trust me.
:: choco install nodejs-lts --install-directory='C:\nodejs' -fy
:: npm install -g gulp cordova@6.5.0 ionic@2.2.3 bower

byt3bl33d3r

import sys

ps_shellcode = '@('

with open(sys.argv[1], 'rb') as shellcode:
	byte = shellcode.read(1)
	while byte != '':
		ps_shellcode += '0x{}, '.format(byte.encode('hex'))
		byte = shellcode.read(1)

mgeeky

#!/usr/bin/python
# Disasm of 64-bit binary:
#   $ objdump -b binary -D -m i386:x86-64 <file>
#
# Usage:
#   $ ./bin2shellcode.py <file> num
# Where:
#   num - number of bytes to convert into array.
#         `num` can be negative, resulting in `size-num`
#         bytes be converted.

s0h3ck

AV Products or Companies: 
 Avast
 BitDefender
 Carbon Black
 Check Point
 Cisco
 ClamAV
 CrowdStrike
 Cylance
 Elastic Endpoint Security

mgeeky

#Requires -RunAsAdministrator

<#
.SYNOPSIS
    Script used to manage state of Microsoft Defender's Attack Surface Redution rules.
    Configures all ASR rules into mode defined in -State parameter.

.PARAMETER State
    Tells how to configure all ASR rules available. Valid options:
      - Disable (Disable the ASR rule)

hanfil

# Enable Windows Firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

# SMB # require elevated privileges #
## Turn on SMB signing and encryption
Set-SmbServerConfiguration -RequireSecuritySignature $True -EnableSecuritySignature $True -EncryptData $True -Confirm:$false -Verbose

## Turn off the default workstations shares
Set-SmbServerConfiguration -AutoShareWorkstation $False -Confirm:$false -Verbose

jeffmcjunkin

MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
RETURN u.name

That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
---------------

MATCH 
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer)
WITH
U.name as n,

HarmJ0y

@Library('ci-jenkins-common') _

// Jenkins build pipeline (declarative)

// Project:         Seatbelt
// URL:             https://github.com/GhostPack/Seatbelt
// Author:          @tifkin_/@harmj0y
// Pipeline Author: harmj0y

def gitURL = "https://github.com/GhostPack/Seatbelt"

gavinhungry

#
# Name: nginx-tls.conf
# Auth: Gavin Lloyd <gavinhungry@gmail.com>
# Desc: Nginx SSL/TLS configuration for "A+" Qualys SSL Labs rating
#
# Enables HTTP/2, PFS, HSTS and OCSP stapling. Configuration options not related
# to SSL/TLS are not included here.
#
# Additional tips:
#