This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Get-InjectedThread | |
{ | |
<# | |
.SYNOPSIS | |
Looks for threads that were created as a result of code injection. | |
.DESCRIPTION | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
a4b.amazonaws.com | |
access-analyzer.amazonaws.com | |
account.amazonaws.com | |
acm-pca.amazonaws.com | |
acm.amazonaws.com | |
airflow-env.amazonaws.com | |
airflow.amazonaws.com | |
alexa-appkit.amazon.com | |
alexa-connectedhome.amazon.com | |
amazonmq.amazonaws.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)" | |
Write-Host "`t[ Updated to support new cryptokey storage method ]`n" | |
$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync;Initial Catalog=ADSync" | |
try { | |
$client.Open() | |
} catch { | |
Write-Host "[!] Could not connect to localdb..." | |
return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /bin/env python | |
# | |
# USAGE | |
# $ python ad_utils.py "My Group Name" | |
# | |
# Author: | |
# Trinh Nguyen | |
# dangtrinhnt@gmail.com | |
# www.dangtrinh.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Domain: TEST.local | |
User Enumeration: | |
Windows: | |
net user | |
net user /domain | |
net user [username] | |
net user [username] /domain | |
wmic useraccount | |
Mac: | |
dscl . ls /Users |
Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.
This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.
There is a companion feature matrix of various tools. Comments are welcome in the same manner.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
route53domains:RegisterDomain | |
route53domains:RenewDomain | |
route53domains:TransferDomain | |
ec2:ModifyReservedInstances | |
ec2:PurchaseHostReservation | |
ec2:PurchaseReservedInstancesOffering | |
ec2:PurchaseScheduledInstances | |
rds:PurchaseReservedDBInstancesOffering | |
dynamodb:PurchaseReservedCapacityOfferings | |
s3:PutObjectRetention |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
summary: drawing custom graphs | |
description: | |
Showing custom graphs, using `ida_graph.GraphViewer`. In addition, | |
show how to write actions that can be performed on those. | |
keywords: graph, actions | |
""" | |
from __future__ import print_function | |
# ----------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-Type -AssemblyName System.Security; | |
[Text.Encoding]::ASCII.GetString([Security.Cryptography.ProtectedData]::Unprotect([Convert]::FromBase64String((type -raw (Join-Path $env:USERPROFILE foobar))), $null, 'CurrentUser')) |
NewerOlder