This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.SYNOPSIS | |
Script to install and configure a standalone RootCA for Lab-Environments | |
.DESCRIPTION | |
This Script sets up a standalone RootCA. It's main purpose is to save time when building Labs in the classes I teach. | |
###It's not meant for production!### | |
First, it creates a CAPolicy.inf file. Then it deletes all default CDP and AIA and configures new ones. | |
It turns on auditing and copys (It's a Lab!!!, so obviously no real offline RootCA...) the crt and crl to an edge webserver. | |
.NOTES | |
Author: Oliver Jäkel | oj@jaekel-edv.de | @JaekelEDV |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# List of apps to monitor execution. | |
$monitoredApp = @("nltest.exe","systeminfo.exe","adfind.exe","wmic.exe", "klist.exe") | |
# | |
## If we need Process Details use = $pn=$(Get-WmiObject win32_process -Filter ''ProcessID = %e'' | select ProcessName,PrcessID, CommandLine etc..) | |
<# | |
Sample Use: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"name":"Test App 1", | |
"children":[ | |
{"name":"Configurations","progress":1}, | |
{"name":"UI","progress":1}, | |
{"name":"Backend","progress":0.25} | |
] | |
}, | |
{ |
We can't make this file beautiful and searchable because it's too large.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CLSID,ClassName | |
{0000031A-0000-0000-C000-000000000046},CLSID | |
{0000002F-0000-0000-C000-000000000046},CLSID CLSID_RecordInfo | |
{00000100-0000-0010-8000-00AA006D2EA4},CLSID DAO.DBEngine.36 | |
{00000101-0000-0010-8000-00AA006D2EA4},CLSID DAO.PrivateDBEngine.36 | |
{00000103-0000-0010-8000-00AA006D2EA4},CLSID DAO.TableDef.36 | |
{00000104-0000-0010-8000-00AA006D2EA4},CLSID DAO.Field.36 | |
{00000105-0000-0010-8000-00AA006D2EA4},CLSID DAO.Index.36 | |
{00000106-0000-0010-8000-00AA006D2EA4},CLSID DAO.Group.36 | |
{00000107-0000-0010-8000-00AA006D2EA4},CLSID DAO.User.36 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Save the current URL path to restore after making | |
// malicious request with faked referer header value | |
var savedPath = window.location.pathname; | |
var savedSearch = window.location.search; | |
// Change URL/History to control the referer header value | |
// Swap out "/this-is-my-fake-referer-value" to be what you need | |
window.history.replaceState(null, '', '/this-is-my-fake-referer-value'); | |
// Send malicious request with faked referer header value |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def modular_sqrt(a, p): | |
def legendre_symbol(a, p): | |
""" Compute the Legendre symbol a|p using | |
Euler's criterion. p is a prime, a is | |
relatively prime to p (if p divides | |
a, then a|p = 0) | |
Returns 1 if a has a square root modulo | |
p, -1 otherwise. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
primes = [ 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, | |
31, 37, 41, 43, 47, 53, 59, 61, 67, 71, | |
73, 79, 83, 89, 97, 101, 103, 107, 109, 113, | |
127, 131, 137, 139, 149, 151, 157, 163, 167, 173, | |
179, 181, 191, 193, 197, 199, 211, 223, 227, 229, | |
233, 239, 241, 251, 257, 263, 269, 271, 277, 281, | |
283, 293, 307, 311, 313, 317, 331, 337, 347, 349, | |
353, 359, 367, 373, 379, 383, 389, 397, 401, 409, | |
419, 421, 431, 433, 439, 443, 449, 457, 461, 463, | |
467, 479, 487, 491, 499, 503, 509, 521, 523, 541, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# We'll just store the cloned certificates in current user "Personal" store for now. | |
$CertStoreLocation = @{ CertStoreLocation = 'Cert:\CurrentUser\My' } | |
$MS_Root_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Root.cer | |
$Cloned_MS_Root_Cert = New-SelfSignedCertificate -CloneCert $MS_Root_Cert @CertStoreLocation | |
$MS_PCA_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32PCA.cer | |
$Cloned_MS_PCA_Cert = New-SelfSignedCertificate -CloneCert $MS_PCA_Cert -Signer $Cloned_MS_Root_Cert @CertStoreLocation | |
$MS_Leaf_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Leaf.cer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
from __future__ import division | |
from __future__ import print_function | |
import re | |
import codecs | |
import logging | |
import time | |
import argparse | |
import sys | |
from impacket import version |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.EnterpriseServices; | |
using System.Runtime.InteropServices; | |
using System.Reflection; | |
using System.Reflection.Emit; | |
using System.Collections; | |
using System.Collections.Generic; |
NewerOlder