Steve Tornio swtornio

## printableASCII
0
1
2
3
4
5
6
7
8
9

## ec2_info_retriever.py
from collections import defaultdict

import boto3

"""
A tool for retrieving basic information from the running EC2 instances.
"""

# Connect to EC2
ec2 = boto3.resource('ec2')

## PowerView-3.0-tricks.ps1
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
#   tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
#   https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

# New function naming schema:
#   Verbs:
#       Get : retrieve full raw data sets
#       Find : ‘find’ specific data entries in a data set

## rocketchat_invoke_webhook_python.py
import requests
import json

uri = 'https://domain.com/hooks/1234AbcD'
data={}
data = {
    "username": "Python Bot",
    "icon_emoji": ":whale:",
    "attachments": [
        {

## .htaccess
	#
	# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
	#
	# Note this version requires Apache 2.4+
	#
	# Save this file into something like /etc/apache2/redirect.rules.
	# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
	#
	# Include /etc/apache2/redirect.rules
	#

## rbcd_demo.ps1
# import the necessary toolsets
Import-Module .\powermad.ps1
Import-Module .\powerview.ps1

# we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account
whoami

# the target computer object we're taking over
$TargetComputer = "primary.testlab.local"

## Invoke-Excel4DCOM64.ps1
#**********************************************************************
# Invoke-Excel4DCOM64.ps1
# Inject shellcode into excel.exe via ExecuteExcel4Macro through DCOM, Now with x64 support
# Author: Stan Hegt (@StanHacked) / Outflank, x64 support by  Philip Tsukerman (@PhilipTsukerman) / Cybereason
# Date: 2019/04/21
# Version: 1.1
#**********************************************************************

function Invoke-Excel4DCOM
{

## groupenumeration.ps1
Get-AdGroup -Filter * | % { Get-AdGroupMember $_.Name | Select-Object -ExpandProperty SamAccountName | Out-File -FilePath "$($_.Name).txt" -Encoding ASCII }

## GadgetToJScript Command Reference
# Command to generate HTA code using GadgetsToJScript
GadgetToJScript.exe -w hta

# Command to generate JS code using GadgetsToJScript
GadgetToJScript.exe -w js

# Command to generate VBS code using GadgetsToJScript
GadgetToJScript.exe -w vbs

# Command to generate VBA code using GadgetsToJScript

## blockdlls_gadget2jscript.cs
using System;
using System.IO;
using System.Net;
using System.Diagnostics;
using System.IO.Compression;
using System.Runtime.InteropServices;

public class Payload
{
    public Payload()
	from collections import defaultdict

	import boto3

	"""
	A tool for retrieving basic information from the running EC2 instances.
	"""

	# Connect to EC2
	ec2 = boto3.resource('ec2')
	# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
	# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

	# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
	# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

	# New function naming schema:
	# Verbs:
	# Get : retrieve full raw data sets
	# Find : ‘find’ specific data entries in a data set
	import requests
	import json

	uri = 'https://domain.com/hooks/1234AbcD'
	data={}
	data = {
	"username": "Python Bot",
	"icon_emoji": ":whale:",
	"attachments": [
	{
	#
	# TO-DO: set \|DESTINATIONURL\| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
	#
	# Note this version requires Apache 2.4+
	#
	# Save this file into something like /etc/apache2/redirect.rules.
	# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
	#
	# Include /etc/apache2/redirect.rules
	#
	# import the necessary toolsets
	Import-Module .\powermad.ps1
	Import-Module .\powerview.ps1

	# we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account
	whoami

	# the target computer object we're taking over
	$TargetComputer = "primary.testlab.local"
	#**********************************************************************
	# Invoke-Excel4DCOM64.ps1
	# Inject shellcode into excel.exe via ExecuteExcel4Macro through DCOM, Now with x64 support
	# Author: Stan Hegt (@StanHacked) / Outflank, x64 support by Philip Tsukerman (@PhilipTsukerman) / Cybereason
	# Date: 2019/04/21
	# Version: 1.1
	#**********************************************************************

	function Invoke-Excel4DCOM
	{
	# Command to generate HTA code using GadgetsToJScript
	GadgetToJScript.exe -w hta

	# Command to generate JS code using GadgetsToJScript
	GadgetToJScript.exe -w js

	# Command to generate VBS code using GadgetsToJScript
	GadgetToJScript.exe -w vbs

	# Command to generate VBA code using GadgetsToJScript
	using System;
	using System.IO;
	using System.Net;
	using System.Diagnostics;
	using System.IO.Compression;
	using System.Runtime.InteropServices;

	public class Payload
	{
	public Payload()