Silent Break Security silentbreaksec
silentbreaksec / SysmonStartup.bat
Created Mar 2, 2018
Windows batch file to deploy Sysmon using a startup script via GPO
View SysmonStartup.bat
@echo off
:: Author: Ryan Watson
:: Twitter: @gentlemanwatson
:: Version: 1.0
:: Credits: Credit to Syspanda.com and their Sysmon GPO article for the kick off point
:: https://www.syspanda.com/index.php/2017/02/28/deploying-sysmon-through-gpo/
:: ** IMPORTANT **
:: 1) Create a Sysmon folder with the SYSVOL share on your domain controller
:: 2) Download Sysmon from Microsoft and place both sysmon.exe and sysmon64.exe in
silentbreaksec / snippet.cs
Created Nov 6, 2019
Convert C# EXE to Assembly
View snippet.cs
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW([MarshalAs(UnmanagedType.LPWStr)] string lpCmdLine, out int pNumArgs);
public static string[] CommandLineToArgs(string commandLine)
{
    int argc;
    var argv = CommandLineToArgvW(commandLine, out argc);
    if (argv == IntPtr.Zero)
        throw new System.ComponentModel.Win32Exception();
    try
View helk-installer.sh
#!/bin/bash
# HELK Installation Script (Elasticsearch, Logstash, Kibana & Nginx)
# HELK build version: 0.9 (BETA Script)
# Author: Roberto Rodriguez @Cyb3rWard0g
# Description: This script installs every single component of the ELK Stack plus Nginx
# Blog: https://cyberwardog.blogspot.com/2017/02/setting-up-pentesting-i-mean-threat_98.html
# Fork version: 0.1
# Fork Author: Ryan Watson @gentlemanwatson
silentbreaksec / nginx.conf
Last active Jan 2, 2020
Red Team Nginx Sample Config
View nginx.conf
user nginx;
worker_processes auto;
pid /usr/local/nginx/logs/nginx.pid;
include /etc/nginx/conf.d/*.conf;
worker_rlimit_nofile 50000;
events {
    worker_connections 50000;
}