- Open a webpage that uses the CA with Firefox
- Click the lock-icon in the addressbar -> show information -> show certificate
- the certificate viewer will open
- click details and choose the certificate of the certificate-chain, you want to import to CentOS
- click "Export..." and save it as .crt file
- Copy the .crt file to
/etc/pki/ca-trust/source/anchors
on your CentOS machine - run
update-ca-trust extract
- test it with
wget https://thewebsite.org
➞ cat /usr/bin/zipm system: ruby 3.0.4p208
#!/bin/bash
/usr/bin/zip -er9P infected "$@"
➞ cat /usr/bin/unzipm system: ruby 3.0.4p208
#!/bin/bash
/usr/bin/unzip -P infected "$@"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function New-SYSVOLZip { | |
<# | |
.SYNOPSIS | |
Compresses all folders/files in SYSVOL to a .zip file. | |
Author: Will Schroeder (@harmj0y) | |
License: BSD 3-Clause | |
Required Dependencies: None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Get-NonstandardService { | |
<# | |
.SYNOPSIS | |
Returns services where the associated binaries are either not signed, or are | |
signed by an issuer not matching 'Microsoft'. | |
Author: Will Schroeder (@harmj0y) | |
License: BSD 3-Clause | |
Required Dependencies: None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package org.odysseus.util; | |
import java.io.File; | |
import java.util.ArrayList; | |
import java.util.List; | |
/** | |
* A utility class for classes. | |
* | |
* @author Jimmy Frix |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
let ADAZUsers = IdentityInfo | |
| extend DirectoryDomain = AccountDomain | |
| extend DirectoryAccount = AccountName | |
| distinct DirectoryDomain , DirectoryAccount , OnPremSid , CloudSid, AccountUpn, GivenName, Surname; | |
// check for any new created or modified local accounts | |
let NewUsers = DeviceEvents | |
| where ActionType contains "UserAccountCreated" // or ActionType contains "UserAccountModified" | |
| extend lUserAdded = AccountName | |
| extend NewUserSID = AccountSid | |
| extend laccountdomain = AccountDomain |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<opml version="1.0"> | |
<head> | |
<title>Matt subscriptions in feedly Cloud</title> | |
</head> | |
<body> | |
<outline text="RedTeaming" title="RedTeaming"> | |
<outline type="rss" text="Strategic Cyber LLC" title="Strategic Cyber LLC" xmlUrl="http://blog.strategiccyber.com/feed/" htmlUrl="https://blog.cobaltstrike.com"/> | |
<outline type="rss" text="Silent Break Security" title="Silent Break Security" xmlUrl="http://silentbreaksecurity.com/feed/" htmlUrl="https://silentbreaksecurity.com"/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
"""Simple HTTP Server With Upload. | |
This module builds on BaseHTTPServer by implementing the standard GET | |
and HEAD requests in a fairly straightforward manner. | |
""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import socket | |
import ssl | |
import time | |
HOST = "127.0.0.1" | |
PORT = 42678 | |
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
client.setsockopt(sock.SOL_SOCKET, socket. SO_REUSEADDR, 1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# https://cloud.google.com/compute/docs/faq#find_ip_range | |
# nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8 | |
myarray=() | |
for LINE in `dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :` | |
do | |
myarray+=($LINE) | |
for LINE2 in `dig txt $LINE +short | tr " " "\n" | grep include | cut -f 2 -d :` |