Skip to content

Instantly share code, notes, and snippets.

View 2XXE-SRA's full-sized avatar

2XXE (SRA) 2XXE-SRA

6 followers · 0 following
View GitHub Profile
@2XXE-SRA
2XXE-SRA / init.sh
Last active November 9, 2018 16:40 — forked from GeneralTesler/init.sh
bootstrapper script
#!/bin/bash
#bashrc config
echo "PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\][\u⛾ \h]\[\033[00m\] \[\033[01;33m\][\w]\[\033[00m\]\n└─ '" >> $HOME/.bashrc
echo "PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\][\u⛾ \h]\[\033[00m\] \[\033[01;33m\][\w]\[\033[00m\]\n└─ '" >> sudo tee -a /root/.bashrc
echo "export PATH=~/.local/bin:$PATH" >> $HOME/.bashrc
echo "export PATH=~/.local/bin:$PATH" >> /root/.bashrc
#apt general
sudo apt-get update -y
@2XXE-SRA
2XXE-SRA / kali-docker.sh
Last active April 1, 2019 16:53
#!/bin/bash
apt-get install -y apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo "deb [arch=amd64] https://download.docker.com/linux/debian stretch stable" >> /etc/apt/sources.list
apt update
apt-get install -y docker-ce docker-ce-cli containerd.io
@2XXE-SRA
2XXE-SRA / burp_encode.json
Created April 10, 2019 17:54
burp url encode/decode hotkey
{
"user_options":{
"misc":{
"hotkeys":[
{
"action":"editor_url_decode",
"hotkey":"Ctrl+Shift+U"
},
{
"action":"editor_url_encode_all_characters",
@2XXE-SRA
2XXE-SRA / coolcryptor.ps1
Last active September 29, 2020 22:36
poc crypto ransomware like script. encrypts all files in given directory
function Invoke-AESEncryptDirectory
{
param(
[string]$directory,
[string]$extension
)
$csharp = @"
//https://stackoverflow.com/questions/27645527/aes-encryption-on-large-files
using System;
@2XXE-SRA
2XXE-SRA / bucket-region.py
Created October 29, 2019 00:48
Get S3 bucket region anonymously via boto3
import boto3
from botocore import UNSIGNED
from botocore.client import Config
s3 = boto3.client('s3', config=Config(signature_version=UNSIGNED))
s3.head_bucket(Bucket="bucketname")
print(s3.head_bucket(Bucket="flaws.cloud")["ResponseMetadata"]["HTTPHeaders"]["x-amz-bucket-region"]) # output: us-west-2
@2XXE-SRA
2XXE-SRA / netrelease.ps1
Last active January 18, 2025 04:26
Add user to LanmanServer SrvsvcSessionInfo DACL, allowing them to perform NetSessionEnum (e.g. NetSess, BloodHound)
# based on NetCease: https://gallery.technet.microsoft.com/Net-Cease-Blocking-Net-1e8dcb5b
# can be deployed on a per-host basis using this script - e.g. via something like SCCM
# or, once deployed to one host, can be deployed via GPO Registry preferences by copying the set registry value
# (lanmanserver still needs to be restarted when done this way)
# see: https://adsecurity.org/?p=3299 -> Disable Windows Legacy & Typically Unused Features -> Disable Net Session Enumeration (NetCease)
# constants
$key = "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\DefaultSecurity"
$name = "SrvsvcSessionInfo"
@2XXE-SRA
2XXE-SRA / 2.exe
Last active June 25, 2020 13:23
misc remote resources
.
@2XXE-SRA
2XXE-SRA / sddl.py
Last active April 29, 2020 15:20
modified from: https://github.com/tojo2k/pysddl/blob/master/sddl.py/sddl.py
"""A module for translating and manipulating SDDL strings.
SDDL strings are used by Microsoft to describe ACLs as described in
http://msdn.microsoft.com/en-us/library/aa379567.aspx.
Example: D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPLOCRRC;;;PU)
"""
__author__ = '[email protected] (Tim Johnson)'
@2XXE-SRA
2XXE-SRA / README.md
Last active May 20, 2020 21:02
Convert Evtx to JSON for Mordor

Convert .evtx file to Mordor

Setup

Download Winlogbeat and place in same directory as script or in $PATH

Usage

PS>
@2XXE-SRA
2XXE-SRA / row.py
Created June 24, 2020 16:12
Python dict to Spark Row in Databricks
from pyspark.sql import Row
# mydict is something like {"abc":"def", "ghi":"jkl"}
computer = Row(*mydict.keys())
rows = [computer(*mydict.values())]
display(spark.createDataFrame(row))