tr4nc3
velaskec
/ powerslim.py
Created
February 26, 2010 10:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################################################# | |
| # PowerSlim 0.1 | |
| ############################################################################################################# | |
| import os,re | |
| import clr,os | |
| clr.AddReference("System.Management") | |
| clr.AddReference("System.Management.Automation") | |
| from System.Management.Automation import * | |
| from System.Management.Automation.Host import * | |
| from System.Management.Automation.Runspaces import * |
nikallass
/ check-smb-v3.11.sh
Created
March 11, 2020 04:57
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ] | |
| then | |
| echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR' | |
| exit 1 | |
| fi | |
| echo "Checking if there's SMB v3.11 in" $1 "..." | |
| nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+' |
Raikia
/ One-liner Mimikatz Parser
Last active
October 1, 2020 01:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Assuming you have a mimikatz dump named "mimikatz_dump.txt", I made these bash one-liners that will reformat the mimikatz output to "domain\user:password" | |
| First, before using these parsers, run: "dos2unix mimikatz_dump.txt" | |
| Mimikatz 1.0: | |
| cat mimikatz_dump.txt | grep -P '((Utilisateur principal)|(msv1_0)|(kerberos)|(ssp)|(wdigest)|(tspkg))\s+:\s+.+' | grep -v 'n\.' | sed -e 's/^\s\+[^:]*:\s\+//' | sed -e 's/Utilisateur principal\s\+:\s\+\(.*\)$/\n\1/' | sort -u | |
| Mimikatz 2.0 (unfortunately, you must "apt-get install pcregrep" because reasons): |
markusleh
/ volatility-pool-visualize.py
Last active
June 25, 2021 14:14
Python program to visualize Windows bigpool content
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import svgwrite | |
| import volatility.conf as conf | |
| import volatility.registry as registry | |
| import volatility.plugins.volshell as shell | |
| registry.PluginImporter() | |
| config = conf.ConfObject() | |
| import volatility.commands as commands | |
| import volatility.addrspace as addrspace | |
| import volatility.utils as utils | |
| registry.register_global_options(config, commands.Command) |
ropnop
/ lookupadmins.py
Last active
December 4, 2021 16:00
Python script using Impacket to enumerate local administrators over SAMR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # Title: lookupadmins.py | |
| # Author: @ropnop | |
| # Description: Python script using Impacket to query members of the builtin Administrators group through SAMR | |
| # Similar in function to Get-NetLocalGroup from Powerview | |
| # Won't work against Windows 10 Anniversary Edition unless you already have local admin | |
| # See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016 | |
| # | |
| # Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2021-4034 (pkexec) self contained exploit PoC |
xpn
/ InstallUtil-Shellcode-cs
Created
May 11, 2018 01:15
— forked from lithackr/InstallUtil-Shellcode-cs
From https://gist.github.com/subTee/408d980d88515a539672
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Net; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause |
hellman
/ rsa_timing_attack_d_Montgomery.py
Created
May 1, 2017 12:23
DEF CON 2017 Quals - Godzilla (Reverse/Crypto)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #-*- coding:utf-8 -*- | |
| ''' | |
| DEF CON 2017 Quals - Godzilla (Reverse) | |
| Timing attack on RSA decryption. | |
| Based on http://www.cs.jhu.edu/~fabian/courses/CS600.624/Timing-full.pdf | |
| Another solutions: | |
| https://gist.github.com/nneonneo/367240ae2d8e705bb9173a49a7c8b0cd by b2xiao | |
| https://gist.github.com/Riatre/caac24840b176cf843b3f66ad9a5eeaf by riatre |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ghidra.app.emulator import EmulatorHelper | |
| from ghidra.program.model.symbol import SymbolUtilities | |
| # Tested with Ghidra v9.1 and v9.1.1, future releases are likely to simplify | |
| # and/or expand the EmulatorHelper class in the API. | |
| # == Helper functions ====================================================== | |
| def getAddress(offset): | |
| return currentProgram.getAddressFactory().getDefaultAddressSpace().getAddress(offset) |
sobi3ch
/ custom-cloud-commands
Last active
February 14, 2023 23:36
whoami in az and aws cli versions + get-policy-document for aws
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # general | |
| alias aws.whoami='aws iam get-user --query User.Arn --output text' | |
| alias az.whoami='az ad signed-in-user show --query userPrincipalName --output tsv' | |
| # In ~/.aws/credencials|config leave [default] profile empty and name it each one of it so `aws-env -l` can list all of them | |
| # aws.profile # show current profile | |
| # aws.profile profile-name # set profile name | |
| # Double tab completion works | |
| aws.profile () | |
| { |
OlderNewer