Rohan Vazarkar rvazarkar

{
"name": "Users with Foreign Domain Group Membership",
"queryList": [
{
"final": false,
"title": "Select source domain...",
"query": "MATCH (n:Domain) RETURN n.name ORDER BY n.name DESC"
},
{
"final": true,

#requires -version 2
<#
PowerSploit File: PowerView.ps1
Author: Will Schroeder (@harmj0y)
License: BSD 3-Clause
Required Dependencies: None
#>

Keybase proof

I hereby claim:

  • I am rvazarkar on github.
  • I am cptjesus (https://keybase.io/cptjesus) on keybase.
  • I have a public key whose fingerprint is 309B 57DD A097 7565 6792 5796 6A61 8F77 5207 56E5

To claim this, I am signing this object:

| API Call | MSDN Link | Protocol | Port | RPC Interface UUID | Named Pipe | RPC Method | RPC MSDN Link |
|---|---|---|---|---|---|---|---|
| NetSessionEnum | https://msdn.microsoft.com/en-us/library/windows/desktop/bb525382(v=vs.85).aspx | [MS-SRVS]: Server Service Remote Protocol | TCP 445 | 4B324FC8-1670-01D3-1278-5A47BF6EE188 | \PIPE\srvsvc | NetrSessionEnum | https://msdn.microsoft.com/en-us/library/cc247273.aspx |
| NetWkstaUserEnum | https://msdn.microsoft.com/en-us/library/windows/desktop/aa370669(v=vs.85).aspx | [MS-WKST]: Workstation Service Remote Protocol | TCP 445 | 6BFFD098-A112-3610-9833-46C3F87E345A | \PIPE\wkssvc | NetrWkstaUserEnum | https://msdn.microsoft.com/en-us/library/cc250349.aspx |

| Collection Method | API Call | MSDN Link | Default Targets | Stealth Targets |
|---|---|---|---|---|
| Session | NetSessionEnum | https://msdn.microsoft.com/en-us/library/windows/desktop/bb525382(v=vs.85).aspx | All Computers | Domain Controllers + 'Share Servers' |
| LocalGroup | Modified NetLocalGroupGetMembers | https://msdn.microsoft.com/en-us/library/windows/desktop/aa370601(v=vs.85).aspx | All Computers | GPO Files |
| Group | Ldap | N/A | All User Group and Computer Objects | All User Group and Computer Objects |
| Trusts | DsEnumerateDomainTrusts | https://msdn.microsoft.com/en-us/library/ms675976(v=vs.85).aspx | All Domain and TrustedDomain objects | All Domain and TrustedDomain objects |
| LoggedOn | Remote Registry + NetWkstaUserEnum | https://msdn.microsoft.com/en-us/library/windows/desktop/aa370669(v=vs.85).aspx | All Computers | Domain Controllers + 'Share Servers' |
| ACL | Ldap | N/A | All user group computer and domain objects | All user group computer and domain objects |
| ObjectProps | Ldap | N/A | All user and computer objects | All user and computer objects |