Skip to content

Instantly share code, notes, and snippets.

View rvazarkar's full-sized avatar

Rohan Vazarkar rvazarkar

384 followers · 0 following
View GitHub Profile
@rvazarkar
rvazarkar / arinscraper.py
Created January 4, 2017 16:35
import requests
from bs4 import BeautifulSoup
import re
import sys
if (len(sys.argv) < 2):
print 'Usage:'
print 'python arinScraper.py "target"'
sys.exit()
@rvazarkar
rvazarkar / gist:02f1c139630e1cdc1511d857a379b2ca
Created September 20, 2017 16:12
╔══════════════════════╦═══════════════════════╦═════════════╦════════════════════════════════════════════════════════════════════════╗
║ Objects in Domain ║ Time Taken ║ Cache Built ║ Other Comments ║
╠══════════════════════╬═══════════════════════╬═════════════╬════════════════════════════════════════════════════════════════════════╣
║ ~35000 ║ 25 minutes 34 seconds ║ No ║ ║
║ ~3000 ║ 30 seconds ║ No ║ Enumeration over VPN ║
║ ~370000 (not a typo) ║ 9 hours 42 minutes ║ No ║ Enumeration over VPN. Powershell ingestor never finished after 3 days ║
║ ~130000 ║ 40 minutes ║ No ║ ║
║ ~40500 ║ 10 minutes ║ No ║ Old inges
@rvazarkar
rvazarkar / gist:93418965f479702a9a12790081040dba
Created September 20, 2017 16:14
╔═══════════════════╦═══════════════════════╦══════════════════════╗
║ Collection Method ║ Old Ingestor ║ New Ingestor ║
╠═══════════════════╬═══════════════════════╬══════════════════════╣
║ Group ║ 1 minute 10 seconds ║ 19 seconds ║
║ LocalGroup ║ 29 minutes 57 seconds ║ 6 minutes 21 seconds ║
║ Session ║ 29 minutes 1 second ║ 5 minutes 36 seconds ║
║ ACL ║ 10 minutes 20 seconds ║ 37 seconds ║
╚═══════════════════╩═══════════════════════╩══════════════════════╝
@rvazarkar
rvazarkar / gist:743afc27172fcc6b666b1b2da4703978
Last active October 23, 2017 19:16
namespace Sharphound2
{
//This class exists because of a memory leak in BlockingCollection. By setting the reference to Item to null after enumerating it,
//we can force garbage collection of the internal item, while the Wrapper is held by the collection.
//This is highly preferable because the internal item consumes a lot of memory while the wrapper barely uses any
class Wrapper<T>
{
public T Item { get; set; }
}
}
@rvazarkar
rvazarkar / gist:de161e75c25103ae0e479365b4024904
Last active October 23, 2017 19:16
BlockingCollection<string> collection = new BlockingCollection<string>();
foreach (var string in collection.GetConsumingEnumerable()){
DoSomething(string);
}
@rvazarkar
rvazarkar / gist:58647d21d777cc2db59ebd44627436ca
Last active October 23, 2017 19:17
public SearchRequest GetSearchRequest(string filter, SearchScope scope, string[] attribs, string domainName = null, string adsPath = null)
{
Domain targetDomain;
try
{
targetDomain = GetDomain(domainName);
}
catch
{
return null;
@rvazarkar
rvazarkar / ping.cs
Created October 23, 2017 19:18
internal bool DoPing(string hostname)
{
try
{
using (var client = new TcpClient())
{
var result = client.BeginConnect(hostname, 445, null, null);
var success = result.AsyncWaitHandle.WaitOne(_pingTimeout);
if (!success)
{
@rvazarkar
rvazarkar / bad.json
Created October 23, 2017 19:18
{
"statements" : [
{
"statement" : "MERGE (n:User {name:'DOMAIN ADMINS@TESTLAB.LOCAL'})-[r:AdminTo]-(m:Computer {name:'PRIMARY.TESTLAB.LOCAL'})"
},
{
"statement" : "MERGE (n:User {name:'DOMAIN ADMINS@TESTLAB.LOCAL'})-[r:AdminTo]-(m:Computer {name:'SECONDARY.TESTLAB.LOCAL'})"
}
]
}
@rvazarkar
rvazarkar / good.json
Created October 23, 2017 19:19
{
"statements" : [
{
"statement" : "MERGE (n:Group {name:{props.name}})",
"parameters" : {
"props" : {
"name" : "DOMAIN ADMINS@TESTLAB.LOCAL"
}
}
}
@rvazarkar
rvazarkar / NewPrebuiltQuery,json
Created March 28, 2018 18:19
{
"name": "Shortest Path from SPN User",
"queryList":[
{
"final": false,
"title":"Select a domain...",
"query":"MATCH (n:Domain) RETURN n.name ORDER BY n.name DESC"
},
{
"final": false,