seajaysec

{"lastUpload":"2019-08-02T18:49:46.186Z","extensionVersion":"v3.4.1"}

seajaysec

#!/bin/bash
# prereqs: pypykatz, all the dumps in current working dir

mkdir ./ppktz_tickets 2>/dev/null
ext='.dmp'

for i in *$ext; do
    txtfile=${i::-3}txt
    secrets=${i::-3}secrets
    pypykatz lsa minidump $i -o $txtfile -k ./ppktz_tickets/;

seajaysec

#!/usr/bin/env bash
#Title........: airgeddon.sh
#Description..: This is a multi-use bash script for Linux systems to audit wireless networks. Modified for light mode in tmux by seajay.
#Author.......: v1s1t0r
#Date.........: 20190908
#Version......: 9.22
#Usage........: bash airgeddon.sh
#Bash Version.: 4.2 or later

#Global shellcheck disabled warnings

seajaysec

#!/bin/bash
# prereqs: jq, all the dumps in current working dir

# create csv file, add headers
echo "source,type,domain,username,result" >out.csv

# function: remove first and last lines:
sedfl() {
    sed '1d;$d'
}

seajaysec

Cypher Queries

Cypher Queries can be entered into the neo4j console, accessible at http://localhost:7474. These often return text-based content. There's a max of 1000 displayed rows within the console, however each query result can be downloaded as a CSV for more in depth analysis. When pasting, replace all instances of "EXAMPLE.COM" with the domain name that you are operating on. These are from a wide range of sources. A lot of them came or were inspired by discussions on the Bloodhound Slack.

Basic

Generate list of all operating systems

MATCH (c:Computer)