Skip to content

Instantly share code, notes, and snippets.

View michiiii's full-sized avatar

Michael Ritter michiiii

11 followers · 37 following
View GitHub Profile
@psignoret
psignoret / Get-AzureADPSPermissions.ps1
Last active May 9, 2024 13:15
Script to list all delegated permissions and application permissions in Microsoft Entra ID
# THIS CODE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF
# FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
#Requires -Modules @{ ModuleName="Microsoft.Graph.Authentication" ; ModuleVersion="2.15.0" }
#Requires -Modules @{ ModuleName="Microsoft.Graph.DirectoryObjects"; ModuleVersion="2.15.0" }
#Requires -Modules @{ ModuleName="Microsoft.Graph.Identity.SignIns"; ModuleVersion="2.15.0" }
#Requires -Modules @{ ModuleName="Microsoft.Graph.Applications" ; ModuleVersion="2.15.0" }
#Requires -Modules @{ ModuleName="Microsoft.Graph.Users" ; ModuleVersion="2.15.0" }
<#
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@jbratu
jbratu / setupiisforsslperfectforwardsecrecy_v17.ps1
Last active May 3, 2024 07:40
Great powershell script for tightening HTTPS security on IIS and disabling insecure protocols and ciphers. Very useful on core installations.
# Copyright 2019, Alexander Hass
# https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12
#
# After running this script the computer only supports:
# - TLS 1.2
#
# Version 3.0.1, see CHANGELOG.txt for changes.
Write-Host 'Configuring IIS with SSL/TLS Deployment Best Practices...'
Write-Host '--------------------------------------------------------------------------------'
@jhaddix
jhaddix / cloud_metadata.txt
Last active April 30, 2024 09:38 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@CCob
CCob / patchless_amsi.h
Created April 17, 2022 16:18
In-Process Patchless AMSI Bypass
#ifndef PATCHLESS_AMSI_H
#define PATCHLESS_AMSI_H
#include <windows.h>
static const int AMSI_RESULT_CLEAN = 0;
PVOID g_amsiScanBufferPtr = nullptr;
unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) {
@gavinhungry
gavinhungry / nginx-tls.conf
Last active March 11, 2024 14:51
Nginx SSL/TLS configuration for "A+" Qualys SSL Labs rating
#
# Name: nginx-tls.conf
# Auth: Gavin Lloyd <gavinhungry@gmail.com>
# Desc: Nginx SSL/TLS configuration for "A+" Qualys SSL Labs rating
#
# Enables HTTP/2, PFS, HSTS and OCSP stapling. Configuration options not related
# to SSL/TLS are not included here.
#
# Additional tips:
#
@HarmJ0y
HarmJ0y / Jenkinsfile
Created November 2, 2020 23:15
Rubeus Jenkinsfile
@Library('ci-jenkins-common') _
// Jenkins build pipeline (declarative)
// Project: Seatbelt
// URL: https://github.com/GhostPack/Seatbelt
// Author: @tifkin_/@harmj0y
// Pipeline Author: harmj0y
def gitURL = "https://github.com/GhostPack/Seatbelt"
@jeffmcjunkin
jeffmcjunkin / gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Last active November 12, 2023 16:35
Useful Cypher queries for BloodHound
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
RETURN u.name
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
---------------
MATCH
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer)
WITH
U.name as n,
@hanfil
hanfil / Harden.ps1
Last active March 13, 2023 23:13
# Enable Windows Firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
# SMB # require elevated privileges #
## Turn on SMB signing and encryption
Set-SmbServerConfiguration -RequireSecuritySignature $True -EnableSecuritySignature $True -EncryptData $True -Confirm:$false -Verbose
## Turn off the default workstations shares
Set-SmbServerConfiguration -AutoShareWorkstation $False -Confirm:$false -Verbose
@mgeeky
mgeeky / Configure-ASR.ps1
Created December 28, 2022 12:13
A little script that configures all Microsoft Defender Attack Surface Reduction (ASR) rules at once to a specific state. Example: PS> .\Configure-ASR.ps1 -State Enabled
#Requires -RunAsAdministrator
<#
.SYNOPSIS
Script used to manage state of Microsoft Defender's Attack Surface Redution rules.
Configures all ASR rules into mode defined in -State parameter.
.PARAMETER State
Tells how to configure all ASR rules available. Valid options:
- Disable (Disable the ASR rule)