wisdark

Invoke-WebRequest: 
Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.14393.1066

System.Net.WebClient.DownloadFile():
None

Start-BitsTransfer:
Microsoft BITS/7.8

certutil.exe: 

wisdark

function Get-InjectedThread
{
    <# 
    
    .SYNOPSIS 
    
    Looks for threads that were created as a result of code injection.
    
    .DESCRIPTION
    

wisdark

using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
 
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause

wisdark

Debloating Nox

Nox, despite being the most feature-filled Android emulator, has a lot of negativity surrounding it due to their antics when it comes to making income off of their program. It is known for running repeated advertisments in the background, calling home and passing along system information (outside of your Android instance) as well as a vast amount of potentially sensitive data in an encrypted payload back to their multitude of servers. With the following preventitive measures, we can stop a majority of this happening as well as greatly improve the overall performance.

1. Download and Install a fresh copy of Nox. The latest version is fine (for now). If you already have it installed, that is fine too. No need to reinstall.

2. Enable Root Mode on Nox by clicking the gear icon and then checking the Root Startup box.

3. Install a new Launcher from the Play Store. ANYTHING but Nox's default. I suggest [Nova Launcher](https://play.google.com/s

wisdark

As always, only for use on networks you own or have permission to test against. 

Similar functionality to SpiderLabs SCShell (https://github.com/SpiderLabs/SCShell) but from the command line using WMIC to run commands on other systems remotely.
If attempting to run multiple commands, SCShell will probably be move convenient as it automates the below steps.  However, for one-offs this works fine as well.

The process involves a total of four commands, three of which can be combined on the command line to form one large block.

Step 1: Get the current pathName of your target service so we can restore it once we've ran our command (in our case XblAuthManager)
    wmic /user:DOMAIN\USERNAME /password:PASSWORD /node:TARGET_IP service where name='XblAuthManager' get pathName

wisdark

   ++++++ Basic knowledge requirements for cybersecurity and hacking ++++++
These are the basic competencies expected (and tested for during the 1st in person interview) by a large, very visible InfoSec company I think it is a good base competency list for anyone looking to get into an Infosec career (with specialization plus and some programming /scripting ability) or learn cybersecurity/hacking as a hobby:

Networking: Good understanding of OSI layer model / Understating of communication flow through each layer / Good understanding of functions of each layer / Understanding of major protocols in each layer / In-depth understanding Layer 3 & Layer 4 protocols  IP, ICMP Protocols (layer 3) TCP, UDP Protocols (layer 4)

Overview of TCP/IP Layer model: ARP / Understanding of Client & Server communication model / Ports common services run on / Ephemeral port vs Well known ports

Understanding of major (everyday Layer 7) services/protocols: DNS o DHCP o HTTP HTTP Header Fields HTTP Status Codes  How HTTP mainta