Nikita Medvedev nikallass

nikallass / rbcd_demo.ps1
Created Jan 21, 2020 — forked from HarmJ0y/rbcd_demo.ps1
Resource-based constrained delegation computer DACL takeover demo
View rbcd_demo.ps1
# import the necessary toolsets
Import-Module .\powermad.ps1
Import-Module .\powerview.ps1
# we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account
whoami
# the target computer object we're taking over
$TargetComputer = "primary.testlab.local"
View letsencrypt-webroot-apache.md

Configure Apache with /etc/apache2/conf-available/le.conf:

Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
<Directory "/var/www/html/">
    AllowOverride None
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>
nikallass / subdomain.rb
Last active Oct 13, 2019 — forked from ehsahil/subdomain.rb
Subdomain OSINT script, running several best tools.
View subdomain.rb
#Tools based on a resolver.rb by @melvinsh
#Repository: https://github.com/melvinsh/subresolve
#Modified by @ehsahil for Personal Use.
#Modified by @nikallass for Personal Use.
require 'socket'
require 'colorize'
begin
if ARGV[0] == nil
View github-recon
“Hackme.tld” API_key
“Hackme.tld” secret_key
“Hackme.tld” aws_key
“Hackme.tld” Password 
“Hackme.tld” FTP
“Hackme.tld” login
“Hackme.tld” github_token
“Hackme.tld” http:// & https://  
“Hackme.tld” amazonaws
“Hackme.tld” digitaloceanspaces