Skip to content

Instantly share code, notes, and snippets.

View seajaysec's full-sized avatar

Chris Farrell seajaysec

86 followers · 21 following
View GitHub Profile
@seajaysec
seajaysec / the fast and the neuralnets
Created July 30, 2017 22:56
I dave is for pronanal Sumn!
Where for.
That't know the amn its some loed then Eliallanging a Can'm want egersbont and her been 16's couay.
And you got to.
No anywhings?
It feces.
This Guys turn.
That's the cops one it fol my sayought, momen oor.
You and come twant.
Whey pronpy.
@seajaysec
seajaysec / password-history.py
Created March 7, 2019 16:56
Didier Stevens' Password History Analysis Tool
#!/usr/bin/env python
__description__ = "Program to analyze password history"
__author__ = 'Didier Stevens'
__version__ = '0.0.1'
__date__ = '2017/02/27'
"""
Source code put in public domain by Didier Stevens, no Copyright
@seajaysec
seajaysec / wpa2eextract.ps1
Created March 7, 2019 17:00
zc00l's WPA2 Enterprise Password Extraction Script
function Get-String
{
Param(
[Parameter(Mandatory = $true, Position = 0)]
[byte[]]$InputStream
)
[byte[]]$Output = @();
foreach($byte in $InputStream)
{
if($byte -eq 0)
@seajaysec
seajaysec / keybase.md
Created May 14, 2019 12:38
doing the thing

Keybase proof

I hereby claim:

  • I am chrsjhnsn on github.
  • I am seeej (https://keybase.io/seeej) on keybase.
  • I have a public key ASCLkFXaIQmXJoFbDnCP6UcumsGXYu25jiZegj_6XUU-JQo

To claim this, I am signing this object:

@seajaysec
seajaysec / gist:4f280a1ce191e265ee20aa969fa74fde
Created March 4, 2019 16:27 — forked from jeffmcjunkin/gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Useful Cypher queries for BloodHound
---------------
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
RETURN u.name
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
---------------
MATCH
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer)
@seajaysec
seajaysec / cloudSettings
Last active August 2, 2019 18:49
Visual Studio Code Settings Sync Gist
{"lastUpload":"2019-08-02T18:49:46.186Z","extensionVersion":"v3.4.1"}
@seajaysec
seajaysec / airgeddon.sh
Created September 23, 2019 13:48
airgeddon 9.22 - light mode tmux
#!/usr/bin/env bash
#Title........: airgeddon.sh
#Description..: This is a multi-use bash script for Linux systems to audit wireless networks. Modified for light mode in tmux by seajay.
#Author.......: v1s1t0r
#Date.........: 20190908
#Version......: 9.22
#Usage........: bash airgeddon.sh
#Bash Version.: 4.2 or later
#Global shellcheck disabled warnings
@seajaysec
seajaysec / parseitup.sh
Created September 24, 2019 19:11
parses pypykatz's json output for plaintext and hashed creds
#!/bin/bash
# prereqs: jq, all the dumps in current working dir
# create csv file, add headers
echo "source,type,domain,username,result" >out.csv
# function: remove first and last lines:
sedfl() {
sed '1d;$d'
}
@seajaysec
seajaysec / aasa.sh
Last active October 26, 2020 08:46
Generates URL list from App-Site Association file
#!/bin/bash
# Requirements: httpie, jq
# Inspired by:
# https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/april/apples_app_site_association_the_new_robots_txt/
echo 'Testing URL for AASA'
full=$1/.well-known/apple-app-site-association
check=`curl -sL -w "%{http_code}\n" "$full" -o /dev/null`
@seajaysec
seajaysec / cypherqueries.md
Created September 24, 2019 23:06
custom bloodhound queries for the neo4j console

Cypher Queries

Cypher Queries can be entered into the neo4j console, accessible at http://localhost:7474. These often return text-based content. There's a max of 1000 displayed rows within the console, however each query result can be downloaded as a CSV for more in depth analysis. When pasting, replace all instances of "EXAMPLE.COM" with the domain name that you are operating on. These are from a wide range of sources. A lot of them came or were inspired by discussions on the Bloodhound Slack.

Basic

Generate list of all operating systems

MATCH (c:Computer)